All the vulnerabilites related to Adobe - Acrobat Reader
var-201510-0343
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0343",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Bill Finlayson of Vectra Networks, bilou working with VeriSign iDefense Labs, James Loureiro of MWR Labs, kdot working with HP\u0027s\u0027s Zero Day Initiative, Wei Lei and Wu Hongjun of Nanyang Technological University w",
"sources": [
{
"db": "BID",
"id": "77064"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6683",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6683",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-84644",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6683",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6683",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-196",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84644",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84644"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6683"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84644"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6683",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84644",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84644"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"id": "VAR-201510-0343",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84644"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.034000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58045"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84644"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "https://www.verisign.com/en_us/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1206"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6683"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6683"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84644"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84644"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84644"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"date": "2015-10-14T23:59:04.467000",
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84644"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005240"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-196"
},
{
"date": "2021-09-08T17:19:31.437000",
"db": "NVD",
"id": "CVE-2015-6683"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-196"
}
],
"trust": 0.6
}
}
var-201510-0338
Vulnerability from variot
The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability is CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 This is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be bypassed. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewSecurityDialog method. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewSecurityDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0338",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6721",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6721",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6721",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84682",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6721",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6721",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6721",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-234",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84682",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "VULHUB",
"id": "VHN-84682"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability is CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 This is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be bypassed. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewSecurityDialog method. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewSecurityDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6721"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84682"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6721",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-502",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3086",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84682",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "VULHUB",
"id": "VHN-84682"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"id": "VAR-201510-0338",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84682"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.732000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58083"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84682"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-502"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6721"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6721"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "VULHUB",
"id": "VHN-84682"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"db": "VULHUB",
"id": "VHN-84682"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84682"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"date": "2015-10-14T23:59:42.713000",
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-502"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84682"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005278"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-234"
},
{
"date": "2021-09-08T17:19:32.360000",
"db": "NVD",
"id": "CVE-2015-6721"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBSharedReviewSecurityDialog In the method JavaScript API Vulnerability bypassing execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005278"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-234"
}
],
"trust": 0.6
}
}
var-201510-0374
Vulnerability from variot
The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the bind method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the function binding implementation process of multiple Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0374",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WanderingGlitch of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6714",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6714",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6714",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6714",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84675",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6714",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6714",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6714",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-227",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84675",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "VULHUB",
"id": "VHN-84675"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the bind method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the function binding implementation process of multiple Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6714"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84675"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6714",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-490",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3066",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84675",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "VULHUB",
"id": "VHN-84675"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"id": "VAR-201510-0374",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84675"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.294000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58076"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84675"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-490"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6714"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6714"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "VULHUB",
"id": "VHN-84675"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"db": "VULHUB",
"id": "VHN-84675"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84675"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"date": "2015-10-14T23:59:36.147000",
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-490"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84675"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005271"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-227"
},
{
"date": "2021-09-08T17:19:32.197000",
"db": "NVD",
"id": "CVE-2015-6714"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of Function bind In the implementation of JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005271"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-227"
}
],
"trust": 0.6
}
}
var-201104-0076
Vulnerability from variot
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011. Adobe Flash contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts will likely result in denial-of-service conditions.ogs. Multiple Web browsers are prone to a vulnerability that may allow attackers to spoof a certificate. Successful exploits will allow attackers to impersonate a legitimate site and conduct other attacks. The following browsers are affected: Internet Explorer 6 Internet Explorer 7 Mozilla Firefox 3.6.6 Google Chrome Qt 4.7. Because an object method does not correctly identify the type of object when it is referenced, remote attackers can exploit this vulnerability by enticing users to visit web pages containing malicious SWF files. This vulnerability can be used to execute Trojan attacks, which has a high level of impact and threat level, and requires users to attach great importance to it.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Q1 Factsheets released:
http://secunia.com/resources/factsheets/2011_vendor/
TITLE: Adobe Reader/Acrobat authplay.dll Code Execution Vulnerability
SECUNIA ADVISORY ID: SA44149
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44149/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44149
RELEASE DATE: 2011-04-13
DISCUSS ADVISORY: http://secunia.com/advisories/44149/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44149/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44149
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Acrobat/Reader, which can be exploited by malicious people to compromise a user's system.
The vulnerability is reported in version 10.0.2 and earlier 10.x and 9.x versions for Windows and Macintosh.
SOLUTION: Do not open untrusted PDF files.
ORIGINAL ADVISORY: http://www.adobe.com/support/security/advisories/apsa11-02.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201104-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "flash player",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.3"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "air",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "adobe flash player",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "red hat enterprise linux workstation supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "rhel desktop supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat enterprise linux server supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "adobe acrobat",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "hp systems insight manager",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "5 (server)"
},
{
"model": "adobe air",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "adobe reader",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "oracle solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "opensolaris build snv 134",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 133",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 151",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.2"
},
{
"model": "systems insight manager",
"scope": "ne",
"trust": 0.6,
"vendor": "hp",
"version": "7.0"
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp6",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 134a",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.1"
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.0.0.96"
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.3"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.2"
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp3",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.2"
},
{
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.2"
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.0"
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 137",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "suse",
"version": "11"
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.3"
},
{
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris svn 126",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager sp5",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 136",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "6.2"
},
{
"model": "systems insight manager sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.1"
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "systems insight manager update",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.31"
},
{
"model": "opensolaris snv 111b",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 135",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "opensolaris build snv 151a",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1004"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375127"
},
{
"model": "qt",
"scope": "eq",
"trust": 0.3,
"vendor": "qtweb",
"version": "4.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1033"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1044"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.391.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1012"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1039"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1031"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.365.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.326.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.348.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1010"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.395.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1051"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1061"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.385.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.319.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.296.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.374.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.275.1"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.21"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1043"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1049"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1057"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.346.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.390.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.27"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.35"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.20"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.368.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.126"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "internet explorer sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.393.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.362.0"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.323.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.370.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.380.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.361.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1018"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.278.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1017"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.64"
},
{
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.379.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1062"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1020"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1042"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1058"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.334.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1054"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.53"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1030"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.328.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.3"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.381.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.15"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.394.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.38"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.364.0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.349.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1022"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491064"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.37"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.345.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.325.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1026"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.4"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.347.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.24"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1038"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.55"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.329.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1006"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.315.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.277.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.384.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.170.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.1"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.61"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.299.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.371.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.169.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.272.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.169.0"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.288.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.363.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.294.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.367.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1045"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1016"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.36"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.28"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.337.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.301.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1032"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1040"
},
{
"model": "seamonkey rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.6"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.343.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.355.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.327.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1055"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.11"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.29"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.308.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1019"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491036"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.341.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.338.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1015"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.398.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.32"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.19"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.7"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375125"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1024"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.276.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1041"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1021"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.336.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.305.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1034"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.38"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.320.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.65"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.17"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.224.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.339.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "opensolaris snv 151a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1035"
},
{
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.288.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37599"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.330.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1014"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.212.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1001"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1056"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.292.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.212.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
},
{
"model": "opensolaris build snv 151a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1029"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.378.0"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1037"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1060"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.300.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.387.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.290.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.386.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.03"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.372.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.392.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.221.8"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1063"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.289.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.304.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1028"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.6"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1046"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.303.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491059"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.332.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.275.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.340.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1013"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1023"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.373.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.397.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.353.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.70"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.321.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.357.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.333.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.313.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.2"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.351.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1027"
},
{
"model": "seamonkey rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.396.0"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.309.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.32"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.344.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1008"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1053"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.190.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.287.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.286.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.2"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.358.0"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12.6"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.5"
},
{
"model": "conferencing standard edition",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1007"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1047"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1052"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1009"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.324.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1048"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1050"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.182.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.316.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.271.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.359.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.383.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.376.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1025"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.33"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.295.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37586"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.318.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1011"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "BID",
"id": "47314"
},
{
"db": "BID",
"id": "42817"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mila Parkour",
"sources": [
{
"db": "BID",
"id": "47314"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0611",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0611",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48556",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2011-0611",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2011-0611",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0611",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2011-0611",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#230057",
"trust": 0.8,
"value": "46.47"
},
{
"author": "NVD",
"id": "CVE-2011-0611",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201104-087",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48556",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0611",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a \"group of included constants,\" object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011. Adobe Flash contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts will likely result in denial-of-service conditions.ogs. Multiple Web browsers are prone to a vulnerability that may allow attackers to spoof a certificate. \nSuccessful exploits will allow attackers to impersonate a legitimate site and conduct other attacks. \nThe following browsers are affected:\nInternet Explorer 6\nInternet Explorer 7\nMozilla Firefox 3.6.6\nGoogle Chrome\nQt 4.7. Because an object method does not correctly identify the type of object when it is referenced, remote attackers can exploit this vulnerability by enticing users to visit web pages containing malicious SWF files. This vulnerability can be used to execute Trojan attacks, which has a high level of impact and threat level, and requires users to attach great importance to it. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers and Adobe Security Advisories and\nBulletins referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nQ1 Factsheets released:\n\nhttp://secunia.com/resources/factsheets/2011_vendor/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat authplay.dll Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA44149\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44149/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44149\n\nRELEASE DATE:\n2011-04-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44149/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44149/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44149\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Acrobat/Reader, which can\nbe exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is reported in version 10.0.2 and earlier 10.x and\n9.x versions for Windows and Macintosh. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/advisories/apsa11-02.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0611"
},
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "BID",
"id": "47314"
},
{
"db": "BID",
"id": "42817"
},
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "PACKETSTORM",
"id": "100364"
},
{
"db": "PACKETSTORM",
"id": "100367"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "100366"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=17175",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-48556",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0611",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#230057",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "44119",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "44149",
"trust": 2.7
},
{
"db": "BID",
"id": "47314",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1025325",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025324",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "44141",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "17175",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0923",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0924",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0922",
"trust": 1.2
},
{
"db": "SREASON",
"id": "8292",
"trust": 1.2
},
{
"db": "SREASON",
"id": "8204",
"trust": 1.2
},
{
"db": "BID",
"id": "42817",
"trust": 1.1
},
{
"db": "XF",
"id": "66681",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA15-119A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "16716",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "100507",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "17473",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-20496",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-20472",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102748",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-48556",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0611",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100367",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100366",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "BID",
"id": "47314"
},
{
"db": "BID",
"id": "42817"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "PACKETSTORM",
"id": "100364"
},
{
"db": "PACKETSTORM",
"id": "100367"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "100366"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"id": "VAR-201104-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48556"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:27:22.685000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2011",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"title": "Publicly available PCAP files",
"trust": 0.1,
"url": "https://github.com/thongsia/Public-Pcaps "
},
{
"title": "threat language parser",
"trust": 0.1,
"url": "https://github.com/ministryofpromise/tlp "
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/Ostorlab/KEV "
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/investigation-report-for-the-september-2014-equation-malware-detection-incident-in-the-us/83210/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/it-threat-evolution-q3-2014/67637/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/ksn-an-analysis-of-web-browsers/57767/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/democratic-party-of-hong-kong-website-compromised-and-serving-spyware/30644/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-843",
"trust": 1.0
},
{
"problemtype": "Mistake of type (CWE-843) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/44119"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/44149"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/230057"
},
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-07.html"
},
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-08.html"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/47314"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025324"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025325"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/44141"
},
{
"trust": 1.3,
"url": "http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html"
},
{
"trust": 1.2,
"url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html"
},
{
"trust": 1.2,
"url": "http://www.exploit-db.com/exploits/17175"
},
{
"trust": 1.2,
"url": "http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx"
},
{
"trust": 1.2,
"url": "http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/blog/210/"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14175"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0451.html"
},
{
"trust": 1.2,
"url": "http://securityreason.com/securityalert/8204"
},
{
"trust": 1.2,
"url": "http://securityreason.com/securityalert/8292"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0922"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0923"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0924"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66681"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/downloads/en/details.aspx?familyid=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2011/03/17/blocking-exploit-attempts-of-the-recent-flash-0-day.aspx"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu230057"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99041988/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0611"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110009.txt"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta15-119a"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20110418-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/42817"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/66681"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16716"
},
{
"trust": 0.4,
"url": "http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html"
},
{
"trust": 0.3,
"url": " cve-2011-0611 vulnerability in adobe flash player "
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.cometforums.com/forum-70/announcement-17-new-cometbird-version-3611-has-been-released/"
},
{
"trust": 0.3,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=578697"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2010_3170_browser_wildcard"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/ie/default.mspx"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/"
},
{
"trust": 0.3,
"url": "http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_thunderbird1"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/projects/security/pki/nss/#info"
},
{
"trust": 0.3,
"url": "http://www.trolltech.com/products/qt/"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0013.html"
},
{
"trust": 0.3,
"url": "/archive/1/513396"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100114250"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100120156"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-70.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/resources/factsheets/2011_vendor/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/843.html"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/100507/adobe-flash-player-10.2.153.1-swf-memory-corruption-vulnerability.html"
},
{
"trust": 0.1,
"url": "https://github.com/ministryofpromise/tlp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/17175/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44141"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44141/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44141/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44119/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44119"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44119/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44149/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44149/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44149"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "BID",
"id": "47314"
},
{
"db": "BID",
"id": "42817"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "PACKETSTORM",
"id": "100364"
},
{
"db": "PACKETSTORM",
"id": "100367"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "100366"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#230057"
},
{
"db": "VULHUB",
"id": "VHN-48556"
},
{
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"db": "BID",
"id": "47314"
},
{
"db": "BID",
"id": "42817"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"db": "PACKETSTORM",
"id": "100364"
},
{
"db": "PACKETSTORM",
"id": "100367"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "100366"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#230057"
},
{
"date": "2011-04-13T00:00:00",
"db": "VULHUB",
"id": "VHN-48556"
},
{
"date": "2011-04-13T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"date": "2011-04-11T00:00:00",
"db": "BID",
"id": "47314"
},
{
"date": "2010-08-27T00:00:00",
"db": "BID",
"id": "42817"
},
{
"date": "2011-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"date": "2011-04-13T06:15:56",
"db": "PACKETSTORM",
"id": "100364"
},
{
"date": "2011-04-13T06:16:04",
"db": "PACKETSTORM",
"id": "100367"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2011-04-13T06:16:01",
"db": "PACKETSTORM",
"id": "100366"
},
{
"date": "2011-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"date": "2011-04-13T14:55:01.217000",
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-21T00:00:00",
"db": "CERT/CC",
"id": "VU#230057"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48556"
},
{
"date": "2024-02-02T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0611"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "47314"
},
{
"date": "2015-04-13T21:54:00",
"db": "BID",
"id": "42817"
},
{
"date": "2024-02-26T07:30:00",
"db": "JVNDB",
"id": "JVNDB-2011-001464"
},
{
"date": "2011-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201104-087"
},
{
"date": "2024-08-13T18:58:42.883000",
"db": "NVD",
"id": "CVE-2011-0611"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player contains unspecified code execution vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#230057"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201104-087"
}
],
"trust": 0.6
}
}
var-201006-1189
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1189",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41239"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "41239"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2207",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2207",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44812",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2207",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2207",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-485",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44812",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2207",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2207"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41239"
},
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2207",
"trust": 3.0
},
{
"db": "BID",
"id": "41239",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44812",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41239"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"id": "VAR-201006-1189",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44812"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T21:07:15.931000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41239"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6849"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2207"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41239"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44812"
},
{
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41239"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44812"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41239"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"date": "2010-06-30T18:30:01.693000",
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44812"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2207"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2015-03-19T08:52:00",
"db": "BID",
"id": "41239"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001713"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-485"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-485"
}
],
"trust": 0.6
}
}
var-201405-0214
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0214",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University working with Verisign iDefense Labs",
"sources": [
{
"db": "BID",
"id": "67368"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0523",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0523",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68016",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0523",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0523",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-248",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68016",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68016"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0523"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "BID",
"id": "67368"
},
{
"db": "VULHUB",
"id": "VHN-68016"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0523",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248",
"trust": 0.7
},
{
"db": "BID",
"id": "67368",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68016",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68016"
},
{
"db": "BID",
"id": "67368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"id": "VAR-201405-0214",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68016"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:57:58.220000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68016"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 1.1,
"url": "https://www.verisign.com/en_us/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1074"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0523"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0523"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68016"
},
{
"db": "BID",
"id": "67368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68016"
},
{
"db": "BID",
"id": "67368"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68016"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67368"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"date": "2014-05-14T11:13:05.193000",
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-08T00:00:00",
"db": "VULHUB",
"id": "VHN-68016"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67368"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002483"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-248"
},
{
"date": "2016-12-08T03:04:23.140000",
"db": "NVD",
"id": "CVE-2014-0523"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002483"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-248"
}
],
"trust": 0.6
}
}
var-201505-0416
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0416",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3049",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3049",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81010",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3049",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3049",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-162",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81010",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3049",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3049"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "VULMON",
"id": "CVE-2015-3049"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3049",
"trust": 3.0
},
{
"db": "BID",
"id": "74600",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "133166",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-81010",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3049",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "PACKETSTORM",
"id": "133166"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"id": "VAR-201505-0416",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81010"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.390000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3049"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3049"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3049"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "PACKETSTORM",
"id": "133166"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81010"
},
{
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"db": "PACKETSTORM",
"id": "133166"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81010"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"date": "2015-08-21T01:25:38",
"db": "PACKETSTORM",
"id": "133166"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"date": "2015-05-13T10:59:45.887000",
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81010"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3049"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002627"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-162"
},
{
"date": "2017-01-03T20:03:19.337000",
"db": "NVD",
"id": "CVE-2015-3049"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002627"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-162"
}
],
"trust": 0.6
}
}
var-201601-0594
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0594",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc of HPE\u0027s Zero Day Initiative, Mahinthan Chandramohan, Wei Lei and Liu Yang working with iDefense\u0027s Vulnerability Contributor Program, Jaanus Kp of Clarified Security, working with HPE\u0027s Zero Day Initiative, Chris Navarrete of Fortinet\u0027s FortiG",
"sources": [
{
"db": "BID",
"id": "80361"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0933",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0933",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88443",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0933",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0933",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0933",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-233",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88443",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88443"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0933"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88443"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0933",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88443",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88443"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"id": "VAR-201601-0594",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88443"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.038000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59580"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88443"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "https://www.verisign.com/en_us/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1217"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0933"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0933"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88443"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88443"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88443"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"date": "2016-01-14T05:59:02.207000",
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88443"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001035"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-233"
},
{
"date": "2016-12-07T23:41:13.950000",
"db": "NVD",
"id": "CVE-2016-0933"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001035"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-233"
}
],
"trust": 0.6
}
}
var-201006-1163
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2202 , CVE-2010-2207 , CVE-2010-2209 , CVE-2010-2210 , CVE- 2010-2211 and CVE-2010-2212 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41230"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Vulnerability Research (MSVR)",
"sources": [
{
"db": "BID",
"id": "41230"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
}
],
"trust": 0.9
},
"cve": "CVE-2010-1295",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-1295",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-43900",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1295",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1295",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-475",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43900",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1295",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2010-2202 , CVE-2010-2207 , CVE-2010-2209 , CVE-2010-2210 , CVE- 2010-2211 and CVE-2010-2212 Is a different vulnerability.An attacker could execute arbitrary code. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1295"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41230"
},
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1295",
"trust": 3.0
},
{
"db": "BID",
"id": "41230",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-43900",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-1295",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41230"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"id": "VAR-201006-1163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43900"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T20:51:04.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41230"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7504"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1295"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41230"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43900"
},
{
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41230"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43900"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41230"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"date": "2010-06-30T18:30:01.410000",
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43900"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1295"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2015-03-19T08:10:00",
"db": "BID",
"id": "41230"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001705"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-475"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-1295"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-475"
}
],
"trust": 0.6
}
}
var-201208-0430
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0430",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
}
],
"sources": [
{
"db": "BID",
"id": "55008"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55008"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4149",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4149",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57430",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4149",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4149",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-248",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57430",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4149"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "BID",
"id": "55008"
},
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4149",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20326",
"trust": 0.6
},
{
"db": "BID",
"id": "55008",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57430",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "BID",
"id": "55008"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"id": "VAR-201208-0430",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57430"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:30:38.405000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16265"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4149"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4149"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20326"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "BID",
"id": "55008"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57430"
},
{
"db": "BID",
"id": "55008"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57430"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55008"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"date": "2012-08-15T10:31:41.257000",
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57430"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55008"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003637"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-248"
},
{
"date": "2017-09-19T01:35:16.497000",
"db": "NVD",
"id": "CVE-2012-4149"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003637"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-248"
}
],
"trust": 0.6
}
}
var-201405-0215
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0215",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67369"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "67369"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0524",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0524",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68017",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0524",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0524",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-249",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68017",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68017"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0524"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "BID",
"id": "67369"
},
{
"db": "VULHUB",
"id": "VHN-68017"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0524",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249",
"trust": 0.7
},
{
"db": "BID",
"id": "67369",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68017",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68017"
},
{
"db": "BID",
"id": "67369"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"id": "VAR-201405-0215",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68017"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:34.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68017"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0524"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0524"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68017"
},
{
"db": "BID",
"id": "67369"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68017"
},
{
"db": "BID",
"id": "67369"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68017"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67369"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"date": "2014-05-14T11:13:05.257000",
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68017"
},
{
"date": "2014-05-14T00:42:00",
"db": "BID",
"id": "67369"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002484"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-249"
},
{
"date": "2014-05-14T14:40:44.913000",
"db": "NVD",
"id": "CVE-2014-0524"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002484"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-249"
}
],
"trust": 0.6
}
}
var-201309-0153
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356. This vulnerability CVE-2013-3356 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability. Limited information is currently available regarding this issue. We will update this BID as more information emerges. Failed attacks may cause a denial-of-service condition. Note: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0153",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62428"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62428"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3353",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3353",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63355",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3353",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3353",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-148",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63355",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63355"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356. This vulnerability CVE-2013-3356 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability. \nLimited information is currently available regarding this issue. We will update this BID as more information emerges. Failed attacks may cause a denial-of-service condition. \nNote: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3353"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "BID",
"id": "62428"
},
{
"db": "VULHUB",
"id": "VHN-63355"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3353",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148",
"trust": 0.7
},
{
"db": "BID",
"id": "62428",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63355",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63355"
},
{
"db": "BID",
"id": "62428"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"id": "VAR-201309-0153",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63355"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:08:53.239000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
},
{
"problemtype": "CWE-94",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63355"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18369"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3353"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3353"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63355"
},
{
"db": "BID",
"id": "62428"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63355"
},
{
"db": "BID",
"id": "62428"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63355"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62428"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"date": "2013-09-12T13:28:24.490000",
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63355"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62428"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004078"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-148"
},
{
"date": "2017-09-19T01:36:40.483000",
"db": "NVD",
"id": "CVE-2013-3353"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004078"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-148"
}
],
"trust": 0.6
}
}
var-201510-0342
Vulnerability from variot
The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForSharedReview method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForSharedReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0342",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6725",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6725",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84686",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6725",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6725",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6725",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-238",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84686",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "VULHUB",
"id": "VHN-84686"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForSharedReview method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForSharedReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6725"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84686"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6725",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-505",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3089",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84686",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "VULHUB",
"id": "VHN-84686"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"id": "VAR-201510-0342",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84686"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58087"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84686"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-505"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6725"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6725"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "VULHUB",
"id": "VHN-84686"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"db": "VULHUB",
"id": "VHN-84686"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84686"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"date": "2015-10-14T23:59:46.993000",
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-505"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84686"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005282"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-238"
},
{
"date": "2021-09-08T17:19:32.453000",
"db": "NVD",
"id": "CVE-2015-6725"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForSharedReview In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005282"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-238"
}
],
"trust": 0.6
}
}
var-201510-0044
Vulnerability from variot
The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANShareFile2 method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANShareFile2 method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0044",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7619",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7619",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7619",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85580",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7619",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7619",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7619",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85580",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "VULHUB",
"id": "VHN-85580"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANShareFile2 method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANShareFile2 method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7619"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85580"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7619",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-500",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3084",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85580",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "VULHUB",
"id": "VHN-85580"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"id": "VAR-201510-0044",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85580"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.743000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58093"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85580"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-500"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7619"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7619"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "VULHUB",
"id": "VHN-85580"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"db": "VULHUB",
"id": "VHN-85580"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85580"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"date": "2015-10-14T23:59:52.917000",
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-500"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-85580"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005297"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-244"
},
{
"date": "2021-09-08T17:19:32.593000",
"db": "NVD",
"id": "CVE-2015-7619"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANShareFile2 In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005297"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-244"
}
],
"trust": 0.6
}
}
var-201010-0410
Vulnerability from variot
Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Acrobat and Reader are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected.
I.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Additional information is available in US-CERT Vulnerability Note VU#491991.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update
Adobe has released updates to address this issue.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security update available for Adobe Reader and Acrobat - http://www.adobe.com/support/security/bulletins/apsb10-21.html
-
US-CERT Vulnerability Note VU#491991 - http://www.kb.cert.org/vuls/id/491991
-
Adobe Reader and Acrobat JavaScript Blacklist Framework - http://kb2.adobe.com/cps/504/cpsid_50431.html
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-279A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-279A Feedback VU#491991" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
October 06, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTKxxvD6pPKYJORa3AQIL3wgAp2tynQw73VA+B70fuEl+os17BeVaP8zn 5aoWS6QBRx+Q8Ijw1wnKT1sF4IWaDWTWqPo0yt6MLx8WwO2ei8WaB+aMOwy9ZBo3 BbCOPSM63/3jBrJuCDs4x2PhZDzg2GJf4Zw8NN2oCSOXMxYGhx16QQzo2lY35CBJ cvCSiLtNQuqpnvNMi2DJhArwxStK9Un2fli7IqwXzC6+RIgrk1l/EAM/6CO2+AwJ Se0bDWBjwR5YverLEXoLuBbF0lHvQ0+V/vT5Q/zBDYUwcWkBL2n7NwdbKI9pYZxL 8Te7YapqAnMNgI1/PnYI/W369Vq3U6QoQVVR9ZoyLGw8x0A57cpU2g== =Rc0h -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201010-0410",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux enterprise desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "linux enterprise desktop sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise desktop sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
}
],
"sources": [
{
"db": "BID",
"id": "43731"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk",
"sources": [
{
"db": "BID",
"id": "43731"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
}
],
"trust": 0.9
},
"cve": "CVE-2010-3623",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-3623",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-46228",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-3623",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-3623",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201010-050",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-46228",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Acrobat and Reader are prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected. \n\n\nI. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Additional information is available in US-CERT Vulnerability Note\n VU#491991. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update\n\n Adobe has released updates to address this issue. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript may prevent some exploits from resulting in\n code execution. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security update available for Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb10-21.html\u003e\n\n * US-CERT Vulnerability Note VU#491991 -\n \u003chttp://www.kb.cert.org/vuls/id/491991\u003e\n\n * Adobe Reader and Acrobat JavaScript Blacklist Framework -\n \u003chttp://kb2.adobe.com/cps/504/cpsid_50431.html\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-279A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-279A Feedback VU#491991\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n October 06, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTKxxvD6pPKYJORa3AQIL3wgAp2tynQw73VA+B70fuEl+os17BeVaP8zn\n5aoWS6QBRx+Q8Ijw1wnKT1sF4IWaDWTWqPo0yt6MLx8WwO2ei8WaB+aMOwy9ZBo3\nBbCOPSM63/3jBrJuCDs4x2PhZDzg2GJf4Zw8NN2oCSOXMxYGhx16QQzo2lY35CBJ\ncvCSiLtNQuqpnvNMi2DJhArwxStK9Un2fli7IqwXzC6+RIgrk1l/EAM/6CO2+AwJ\nSe0bDWBjwR5YverLEXoLuBbF0lHvQ0+V/vT5Q/zBDYUwcWkBL2n7NwdbKI9pYZxL\n8Te7YapqAnMNgI1/PnYI/W369Vq3U6QoQVVR9ZoyLGw8x0A57cpU2g==\n=Rc0h\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-3623"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "BID",
"id": "43731"
},
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "PACKETSTORM",
"id": "94535"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-3623",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA10-279A",
"trust": 2.0
},
{
"db": "BID",
"id": "43731",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-279A",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2573",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-46228",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#491991",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94535",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "BID",
"id": "43731"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"id": "VAR-201010-0410",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-46228"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:47:58.124000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-21.html"
},
{
"title": "TA10-279A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-279a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14129"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3623"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20101006-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100026.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-279a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3623"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/43731"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-279a.html"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2573"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/491991\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "BID",
"id": "43731"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-46228"
},
{
"db": "BID",
"id": "43731"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-46228"
},
{
"date": "2010-10-05T00:00:00",
"db": "BID",
"id": "43731"
},
{
"date": "2010-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"date": "2010-10-06T21:20:41",
"db": "PACKETSTORM",
"id": "94535"
},
{
"date": "2010-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"date": "2010-10-06T17:00:16.453000",
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-46228"
},
{
"date": "2015-03-19T09:14:00",
"db": "BID",
"id": "43731"
},
{
"date": "2010-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002154"
},
{
"date": "2010-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201010-050"
},
{
"date": "2017-09-19T01:31:28.597000",
"db": "NVD",
"id": "CVE-2010-3623"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002154"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201010-050"
}
],
"trust": 0.6
}
}
var-201510-0362
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0362",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Bill Finlayson of Vectra Networks, bilou working with VeriSign iDefense Labs, James Loureiro of MWR Labs, kdot working with HP\u0027s\u0027s Zero Day Initiative, Wei Lei and Wu Hongjun of Nanyang Technological University w",
"sources": [
{
"db": "BID",
"id": "77064"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6691",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-84652",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6691",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6691",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-204",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84652",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6691"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84652"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6691",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84652",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84652"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"id": "VAR-201510-0362",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84652"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.381000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58053"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84652"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6691"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6691"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84652"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84652"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84652"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"date": "2015-10-14T23:59:13.080000",
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84652"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005248"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-204"
},
{
"date": "2021-09-08T17:19:31.643000",
"db": "NVD",
"id": "CVE-2015-6691"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005248"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-204"
}
],
"trust": 0.6
}
}
var-201006-1205
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41243"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "41243"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2211",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44816",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2211",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2211",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-489",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44816",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2211",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2211"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41243"
},
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2211",
"trust": 3.0
},
{
"db": "BID",
"id": "41243",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44816",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2211",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41243"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"id": "VAR-201006-1205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44816"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T20:40:04.135000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41243"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6930"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2211"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41243"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44816"
},
{
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41243"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44816"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41243"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"date": "2010-06-30T18:30:01.800000",
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44816"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2211"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-09-07T21:52:00",
"db": "BID",
"id": "41243"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001717"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-489"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-489"
}
],
"trust": 0.6
}
}
var-201112-0167
Vulnerability from variot
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. ( Memory corruption ) A state vulnerability exists.Arbitrary code execution or denial of service by a third party ( Memory corruption ) It may be in a state. Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2012:0011-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html Issue date: 2012-01-10 CVE Names: CVE-2011-2462 CVE-2011-4369 =====================================================================
- Summary:
Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF). These flaws are detailed on the Adobe security page APSB11-30, listed in the References section. Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2462.html https://www.redhat.com/security/data/cve/CVE-2011-4369.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-30.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
I. Description
Adobe Security Bulletin APSB11-30 and Adobe Security Advisory APSA11-04 describe a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.4.6 and earlier 9.x versions. These vulnerabilities also affect Reader X and Acrobat X 10.1.1 and earlier 10.x versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Reader X and Adobe Acrobat X will be patched in the next quarterly update scheduled for January 10, 2012.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update Reader
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-30 and update vulnerable versions of Adobe Reader and Acrobat.
In addition to updating, please consider the following mitigations.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle" "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions) "/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so" "/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content that is hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox. PDF documents that use the PRC format for 3D content will continue to function on Windows and Linux platforms.
To disable U3D support in Adobe Reader 9 on Microsoft Windows, delete or rename this file:
"%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d"
For Apple Mac OS X, delete or rename this directory:
"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
For GNU/Linux, delete or rename this file (locations may vary among distributions):
"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d"
File locations may be different for Adobe Acrobat or other Adobe products or versions.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA11-350A Feedback VU#759307" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
December 16, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf ymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+ /p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ lL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO uuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg y7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ== =rKM4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201112-0167",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "adobe reader",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": "x (10.1.1) earlier 10.x for windows macintosh"
},
{
"model": "adobe reader",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": "9.4.6 9.x previous s for macintosh"
},
{
"model": "adobe reader",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": "9.4.7 9.x previous s for windows"
},
{
"model": "adobe acrobat",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "BID",
"id": "50922"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lockheed Martin CIRT and MITRE",
"sources": [
{
"db": "BID",
"id": "50922"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
}
],
"trust": 0.9
},
"cve": "CVE-2011-2462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2462",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50407",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2011-2462",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2011-2462",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2462",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#759307",
"trust": 0.8,
"value": "52.51"
},
{
"author": "NVD",
"id": "CVE-2011-2462",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-061",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50407",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-2462",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. ( Memory corruption ) A state vulnerability exists.Arbitrary code execution or denial of service by a third party ( Memory corruption ) It may be in a state. Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2012:0011-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html\nIssue date: 2012-01-10\nCVE Names: CVE-2011-2462 CVE-2011-4369 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). These flaws are\ndetailed on the Adobe security page APSB11-30, listed in the References\nsection. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2462.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-4369.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-30.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n\nI. Description\n\n Adobe Security Bulletin APSB11-30 and Adobe Security Advisory\n APSA11-04 describe a number of vulnerabilities affecting Adobe\n Reader and Acrobat. These vulnerabilities affect Reader and Acrobat\n 9.4.6 and earlier 9.x versions. These vulnerabilities also affect\n Reader X and Acrobat X 10.1.1 and earlier 10.x versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Reader X and Adobe Acrobat X will be patched in the next\n quarterly update scheduled for January 10, 2012. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-30 and update\n vulnerable versions of Adobe Reader and Acrobat. \n\n In addition to updating, please consider the following mitigations. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n GNU/Linux (locations may vary among distributions)\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content that is hosted on websites. Depending on the\n update schedule for products other than Flash Player, consider\n leaving Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this framework may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. PDF documents that use the PRC format\n for 3D content will continue to function on Windows and Linux\n platforms. \n\n To disable U3D support in Adobe Reader 9 on Microsoft Windows,\n delete or rename this file:\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\plug_ins3d\\3difr.x3d\"\n\n For Apple Mac OS X, delete or rename this directory:\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n For GNU/Linux, delete or rename this file (locations may vary among\n distributions):\n\n \"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products or versions. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-350A Feedback VU#759307\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n December 16, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf\nymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+\n/p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ\nlL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO\nuuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg\ny7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ==\n=rKM4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2462"
},
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "BID",
"id": "50922"
},
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50407",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=18366",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2462",
"trust": 4.7
},
{
"db": "USCERT",
"id": "TA11-350A",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#759307",
"trust": 1.8
},
{
"db": "BID",
"id": "50922",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA15-119A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "18277",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "108558",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "18366",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "108359",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-72491",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-50407",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-2462",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "107960",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "BID",
"id": "50922"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"id": "VAR-201112-0167",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50407"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:10:30.605000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSA11-04 Fujitsu Fujitsu \u00a0 Security information",
"trust": 0.8,
"url": "http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120011 - Security Advisory"
},
{
"title": "ExploitAnalysis",
"trust": 0.1,
"url": "https://github.com/quanyang/ExploitAnalysis "
},
{
"title": "pdf",
"trust": 0.1,
"url": "https://github.com/billytion/pdf "
},
{
"title": "peepdf",
"trust": 0.1,
"url": "https://github.com/jesparza/peepdf "
},
{
"title": "rop-collection",
"trust": 0.1,
"url": "https://github.com/season-lab/rop-collection "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2013/02/22/apt1_report_used_spear_phishing/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/kaspersky-security-bulletin-malware-evolution-2011/36494/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/attackers-reused-adobe-reader-exploit-code-2009-extremely-targeted-hacks-011112/76088/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-plans-critical-security-updates-reader-acrobat-next-week-010612/76071/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2011/12/17/adobe_reader_critical_update/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-warns-critical-zero-day-flaw-reader-and-acrobat-120611/75965/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/advisories/apsa11-04.html"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html"
},
{
"trust": 1.6,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14562"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2012-0011.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/759307"
},
{
"trust": 0.8,
"url": "http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/download/en/details.aspx?id=1677"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx"
},
{
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2639658"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu759307/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-350a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99041988/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2462"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta15-119a"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20111208-adobe.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/50922"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/18277"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:0011"
},
{
"trust": 0.1,
"url": "https://github.com/quanyang/exploitanalysis"
},
{
"trust": 0.1,
"url": "https://github.com/jesparza/peepdf"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/18366/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-4369.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0011.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2462.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-30.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/advisories/apsa11-04.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/759307\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "BID",
"id": "50922"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "VULHUB",
"id": "VHN-50407"
},
{
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"db": "BID",
"id": "50922"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-08T00:00:00",
"db": "CERT/CC",
"id": "VU#759307"
},
{
"date": "2011-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-50407"
},
{
"date": "2011-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"date": "2011-12-06T00:00:00",
"db": "BID",
"id": "50922"
},
{
"date": "2011-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"date": "2012-01-11T07:30:45",
"db": "PACKETSTORM",
"id": "108558"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-12-17T00:27:48",
"db": "PACKETSTORM",
"id": "107960"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"date": "2011-12-07T19:55:01.673000",
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-08T00:00:00",
"db": "CERT/CC",
"id": "VU#759307"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50407"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2011-2462"
},
{
"date": "2015-03-19T09:16:00",
"db": "BID",
"id": "50922"
},
{
"date": "2024-07-05T02:02:00",
"db": "JVNDB",
"id": "JVNDB-2011-003287"
},
{
"date": "2011-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-061"
},
{
"date": "2024-06-28T14:21:09.670000",
"db": "NVD",
"id": "CVE-2011-2462"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Acrobat and Reader U3D memory corruption vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#759307"
},
{
"db": "BID",
"id": "50922"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-061"
}
],
"trust": 0.6
}
}
var-201510-0369
Vulnerability from variot
The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBBBRInvite method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBBBRInvite method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0369",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6709",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6709",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6709",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84670",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6709",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6709",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6709",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-222",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84670",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "VULHUB",
"id": "VHN-84670"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBBBRInvite method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBBBRInvite method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6709"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84670"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6709",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-486",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3061",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84670",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "VULHUB",
"id": "VHN-84670"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"id": "VAR-201510-0369",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84670"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58071"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84670"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-486"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6709"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6709"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "VULHUB",
"id": "VHN-84670"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"db": "VULHUB",
"id": "VHN-84670"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84670"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"date": "2015-10-14T23:59:31.303000",
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-486"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84670"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005266"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-222"
},
{
"date": "2021-09-08T17:19:32.070000",
"db": "NVD",
"id": "CVE-2015-6709"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBBBRInvite In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005266"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-222"
}
],
"trust": 0.6
}
}
var-201208-0441
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0441",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55012"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4153",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4153",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57434",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4153",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4153",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-252",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57434",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4153"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "BID",
"id": "55012"
},
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4153",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20342",
"trust": 0.6
},
{
"db": "BID",
"id": "55012",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57434",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "BID",
"id": "55012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"id": "VAR-201208-0441",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57434"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:45:14.083000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16321"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4153"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4153"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20342"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "BID",
"id": "55012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57434"
},
{
"db": "BID",
"id": "55012"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57434"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55012"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"date": "2012-08-15T10:31:41.427000",
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57434"
},
{
"date": "2013-08-26T10:12:00",
"db": "BID",
"id": "55012"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003641"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-252"
},
{
"date": "2017-09-19T01:35:16.857000",
"db": "NVD",
"id": "CVE-2012-4153"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003641"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-252"
}
],
"trust": 0.6
}
}
var-201412-0493
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0493",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "71576"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team",
"sources": [
{
"db": "BID",
"id": "71576"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8459",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8459",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76404",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8459",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8459",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-234",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76404",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76404"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8459"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "BID",
"id": "71576"
},
{
"db": "VULHUB",
"id": "VHN-76404"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8459",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234",
"trust": 0.7
},
{
"db": "BID",
"id": "71576",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76404",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76404"
},
{
"db": "BID",
"id": "71576"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"id": "VAR-201412-0493",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76404"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:08:42.674000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76404"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8459"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8459"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76404"
},
{
"db": "BID",
"id": "71576"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76404"
},
{
"db": "BID",
"id": "71576"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76404"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71576"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"date": "2014-12-10T21:59:30.023000",
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76404"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71576"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005934"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-234"
},
{
"date": "2014-12-12T01:36:24.010000",
"db": "NVD",
"id": "CVE-2014-8459"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005934"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-234"
}
],
"trust": 0.6
}
}
var-201208-0422
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0422",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55007"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "John Leitch at Microsoft and Microsoft Vulnerability Research (MSVR)",
"sources": [
{
"db": "BID",
"id": "55007"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4148",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4148",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57429",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4148",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4148",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-247",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57429",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4148"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "BID",
"id": "55007"
},
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4148",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20324",
"trust": 0.6
},
{
"db": "BID",
"id": "55007",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57429",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "BID",
"id": "55007"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"id": "VAR-201208-0422",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57429"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:53:29.645000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16347"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4148"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4148"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20324"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "BID",
"id": "55007"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57429"
},
{
"db": "BID",
"id": "55007"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57429"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55007"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"date": "2012-08-15T10:31:41.193000",
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57429"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55007"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003636"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-247"
},
{
"date": "2017-09-19T01:35:16.417000",
"db": "NVD",
"id": "CVE-2012-4148"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003636"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-247"
}
],
"trust": 0.6
}
}
var-201102-0060
Vulnerability from variot
The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595. Adobe Reader and Acrobat of U3D A component contains a vulnerability that allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the U3D component distributed with the Reader. The application uses the Parent Node count to calculate the size of an allocation. This value is not properly validated and the result of this size calculation can be wrapped to an unexpectedly small and insufficient value. Writes to this newly allocated buffer can be outside the bounds of its allocation. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-11-15 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * el
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0060",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "BID",
"id": "46213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "el through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46213"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0600",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0600",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0600",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48545",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0600",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0600",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0600",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48545",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595. Adobe Reader and Acrobat of U3D A component contains a vulnerability that allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the U3D component distributed with the Reader. The application uses the Parent Node count to calculate the size of an allocation. This value is not properly validated and the result of this size calculation can be wrapped to an unexpectedly small and insufficient value. Writes to this newly allocated buffer can be outside the bounds of its allocation. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-11-15 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * el\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0600"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "BID",
"id": "46213"
},
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98289"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48545",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48545"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0600",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 2.3
},
{
"db": "BID",
"id": "46213",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-946",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98289",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48545",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "BID",
"id": "46213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98289"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"id": "VAR-201102-0060",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48545"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:54:42.763000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 1 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38487"
},
{
"title": "Adobe Acrobat 9.4.2 Pro Extended update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38491"
},
{
"title": "Adobe Reader MUI 10.0.1 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38486"
},
{
"title": "Adobe Reader MUI 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38490"
},
{
"title": "Adobe Acrobat 9.4.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38494"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 2 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38485"
},
{
"title": "Adobe Reader 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38489"
},
{
"title": "Adobe Acrobat 10.0.1 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38493"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 3 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38484"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 4 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38488"
},
{
"title": "Adobe Acrobat 3D 8.2.6 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38492"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46213"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516316/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12428"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0600"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0600"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "BID",
"id": "46213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98289"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"db": "VULHUB",
"id": "VHN-48545"
},
{
"db": "BID",
"id": "46213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98289"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48545"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46213"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-08T22:42:44",
"db": "PACKETSTORM",
"id": "98289"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"date": "2011-02-10T18:00:58.800000",
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-074"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48545"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "46213"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001211"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-136"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0600"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98289"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of U3D Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001211"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-136"
}
],
"trust": 0.6
}
}
var-201412-0500
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0500",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71570"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ashfaq Ansari of Payatu Technologies",
"sources": [
{
"db": "BID",
"id": "71570"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8446",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8446",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76391",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8446",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8446",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-222",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76391",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76391"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8446"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "BID",
"id": "71570"
},
{
"db": "VULHUB",
"id": "VHN-76391"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8446",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222",
"trust": 0.7
},
{
"db": "BID",
"id": "71570",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76391",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76391"
},
{
"db": "BID",
"id": "71570"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"id": "VAR-201412-0500",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76391"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:23.440000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8446"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8446"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76391"
},
{
"db": "BID",
"id": "71570"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76391"
},
{
"db": "BID",
"id": "71570"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76391"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71570"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"date": "2014-12-10T21:59:19.117000",
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76391"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71570"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005922"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-222"
},
{
"date": "2014-12-12T01:15:46.777000",
"db": "NVD",
"id": "CVE-2014-8446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-222"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005922"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "71570"
}
],
"trust": 0.3
}
}
var-201208-0437
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4161. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0437",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55023"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk of Los Alamos, New Mexico",
"sources": [
{
"db": "BID",
"id": "55023"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4162",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4162",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-57443",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4162",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4162",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-261",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-57443",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4161. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4162"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "BID",
"id": "55023"
},
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4162",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20332",
"trust": 0.6
},
{
"db": "BID",
"id": "55023",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "BID",
"id": "55023"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"id": "VAR-201208-0437",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57443"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:36:12.874000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4162"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4162"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20332"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "BID",
"id": "55023"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57443"
},
{
"db": "BID",
"id": "55023"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57443"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55023"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"date": "2012-08-15T10:31:41.787000",
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57443"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55023"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003650"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-261"
},
{
"date": "2012-08-15T10:31:41.787000",
"db": "NVD",
"id": "CVE-2012-4162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003650"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-261"
}
],
"trust": 0.6
}
}
var-201102-0067
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be made to occur leading to code execution under the context of the application.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0067",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "BID",
"id": "46212"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46212"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0595",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0595",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0595",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48540",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0595",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0595",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0595",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-140",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48540",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be made to occur leading to code execution under the context of the application. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-10-18 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0595"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "BID",
"id": "46212"
},
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98278"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48540",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48540"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0595",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 2.3
},
{
"db": "BID",
"id": "46212",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-900",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98278",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "BID",
"id": "46212"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98278"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"id": "VAR-201102-0067",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48540"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:29:18.615000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46212"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516312"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12500"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0595"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0595"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/516312"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "BID",
"id": "46212"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98278"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"db": "VULHUB",
"id": "VHN-48540"
},
{
"db": "BID",
"id": "46212"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98278"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48540"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46212"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:28:42",
"db": "PACKETSTORM",
"id": "98278"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"date": "2011-02-10T18:00:58.643000",
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-070"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48540"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "46212"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001207"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-140"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0595"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98278"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001207"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-140"
}
],
"trust": 0.6
}
}
var-201004-0119
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0197 and CVE-2010-0204 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0119",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0201",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42806",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0201",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0201",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-254",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42806",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0197 and CVE-2010-0204 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0201",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39520",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42806",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"id": "VAR-201004-0119",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42806"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:06:08.813000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7056"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0201"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39520"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42806"
},
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42806"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39520"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"date": "2010-04-14T16:00:01.257000",
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42806"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39520"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001356"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-254"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39520"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201208-0421
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0421",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55006"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk of Los Alamos, New Mexico",
"sources": [
{
"db": "BID",
"id": "55006"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4147",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57428",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4147",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4147",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-246",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57428",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4147"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "BID",
"id": "55006"
},
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4147",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20325",
"trust": 0.6
},
{
"db": "BID",
"id": "55006",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57428",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "BID",
"id": "55006"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"id": "VAR-201208-0421",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57428"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:07:50.166000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44040"
},
{
"title": "AdbeRdrUpd952_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44044"
},
{
"title": "AcroProUpd952_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44039"
},
{
"title": "AdbeRdrUpd952_all_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44043"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44038"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15949"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4147"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4147"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20325"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "BID",
"id": "55006"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57428"
},
{
"db": "BID",
"id": "55006"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57428"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55006"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"date": "2012-08-15T10:31:41.117000",
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57428"
},
{
"date": "2013-08-26T06:14:00",
"db": "BID",
"id": "55006"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003635"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-246"
},
{
"date": "2017-09-19T01:35:16.340000",
"db": "NVD",
"id": "CVE-2012-4147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003635"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-246"
}
],
"trust": 0.6
}
}
var-201208-0431
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0431",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55011"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4150",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57431",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4150",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4150",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-249",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57431",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-4150",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4150"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "BID",
"id": "55011"
},
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4150",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20343",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249",
"trust": 0.6
},
{
"db": "BID",
"id": "55011",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57431",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-4150",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"db": "BID",
"id": "55011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"id": "VAR-201208-0431",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57431"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:03:13.048000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44040"
},
{
"title": "AdbeRdrUpd952_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44044"
},
{
"title": "AcroProUpd952_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44039"
},
{
"title": "AdbeRdrUpd952_all_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44043"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44038"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44042"
},
{
"title": "AcrobatUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44037"
},
{
"title": "AdbeRdrUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44041"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44045"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16467"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4150"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4150"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20343"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"db": "BID",
"id": "55011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57431"
},
{
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"db": "BID",
"id": "55011"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57431"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55011"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"date": "2012-08-15T10:31:41.320000",
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57431"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4150"
},
{
"date": "2013-08-26T08:09:00",
"db": "BID",
"id": "55011"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003638"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-249"
},
{
"date": "2017-09-19T01:35:16.637000",
"db": "NVD",
"id": "CVE-2012-4150"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003638"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-249"
}
],
"trust": 0.6
}
}
var-201409-0421
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565. Adobe Reader and Acrobat are prone to an unspecified remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.09 Adobe Reader 10.x versions prior to 10.1.12 Adobe Acrobat 11.x versions prior to 11.0.09 Adobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0421",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.007.20033"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.007.20033"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30033"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30033"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.008.20082"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.12)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.008.20082"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30060"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.12)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.15)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.15)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "69825"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "69825"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0566",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0566",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68059",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0566",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0566",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-584",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68059",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68059"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565. Adobe Reader and Acrobat are prone to an unspecified remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.09\nAdobe Reader 10.x versions prior to 10.1.12\nAdobe Acrobat 11.x versions prior to 11.0.09\nAdobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0566"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "BID",
"id": "69825"
},
{
"db": "VULHUB",
"id": "VHN-68059"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0566",
"trust": 2.8
},
{
"db": "BID",
"id": "69825",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032892",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68059",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68059"
},
{
"db": "BID",
"id": "69825"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"id": "VAR-201409-0421",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68059"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:53.516000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-15",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "APSB15-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b (2014\u5e749\u670818\u65e5)",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b (2015\u5e747\u670816\u65e5)",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150716.html"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68059"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/69825"
},
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032892"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96003"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0566"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150715-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0566"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=16619"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68059"
},
{
"db": "BID",
"id": "69825"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68059"
},
{
"db": "BID",
"id": "69825"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68059"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69825"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"date": "2014-09-17T10:55:06.823000",
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-68059"
},
{
"date": "2015-07-14T18:51:00",
"db": "BID",
"id": "69825"
},
{
"date": "2015-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004244"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-584"
},
{
"date": "2021-09-08T17:19:27.303000",
"db": "NVD",
"id": "CVE-2014-0566"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004244"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-584"
}
],
"trust": 0.6
}
}
var-201208-0527
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in arbitrary code execution or a Denial of Service condition. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0527",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55027"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Gr\u0026eacute;goire through iDefense\u0027s Vulnerability Contributor Program.",
"sources": [
{
"db": "BID",
"id": "55027"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1525",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-1525",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-54806",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1525",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-1525",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-242",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-54806",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-1525",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile, possibly resulting in arbitrary code execution or a Denial of\nService condition. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1525"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "BID",
"id": "55027"
},
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1525",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20329",
"trust": 0.6
},
{
"db": "BID",
"id": "55027",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-54806",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-1525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "BID",
"id": "55027"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"id": "VAR-201208-0527",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54806"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:07:11.071000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16422"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1525"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1525"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20329"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "BID",
"id": "55027"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54806"
},
{
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"db": "BID",
"id": "55027"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-54806"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55027"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"date": "2012-08-15T10:31:40.630000",
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-54806"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-1525"
},
{
"date": "2013-08-26T08:09:00",
"db": "BID",
"id": "55027"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003631"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-242"
},
{
"date": "2017-09-19T01:34:45.997000",
"db": "NVD",
"id": "CVE-2012-1525"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003631"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-242"
}
],
"trust": 0.6
}
}
var-201409-0420
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0566. Adobe Reader and Acrobat are prone to an unspecified remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.09 Adobe Reader 10.x versions prior to 10.1.12 Adobe Acrobat 11.x versions prior to 11.0.09 Adobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0420",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "69824"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "69824"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0565",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68058",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0565",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0565",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-583",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68058",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0565",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0566. Adobe Reader and Acrobat are prone to an unspecified remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.09\nAdobe Reader 10.x versions prior to 10.1.12\nAdobe Acrobat 11.x versions prior to 11.0.09\nAdobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "BID",
"id": "69824"
},
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "VULMON",
"id": "CVE-2014-0565"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0565",
"trust": 2.9
},
{
"db": "BID",
"id": "69824",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68058",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0565",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"db": "BID",
"id": "69824"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"id": "VAR-201409-0420",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68058"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:53.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/69824"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96002"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0565"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0565"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb15-15-cve-2014-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/69824"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"db": "BID",
"id": "69824"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68058"
},
{
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"db": "BID",
"id": "69824"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68058"
},
{
"date": "2014-09-17T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69824"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"date": "2014-09-17T10:55:06.777000",
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68058"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0565"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69824"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004243"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-583"
},
{
"date": "2017-08-29T01:34:12.670000",
"db": "NVD",
"id": "CVE-2014-0565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004243"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-583"
}
],
"trust": 0.6
}
}
var-201510-0337
Vulnerability from variot
The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANRunSharedReviewEmailStep method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANRunSharedReviewEmailStep method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6720",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6720",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6720",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84681",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6720",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6720",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6720",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-233",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84681",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "VULHUB",
"id": "VHN-84681"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANRunSharedReviewEmailStep method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANRunSharedReviewEmailStep method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6720"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84681"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6720",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-506",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3090",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84681",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "VULHUB",
"id": "VHN-84681"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"id": "VAR-201510-0337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84681"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.254000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58082"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84681"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-506"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6720"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6720"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "VULHUB",
"id": "VHN-84681"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"db": "VULHUB",
"id": "VHN-84681"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84681"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"date": "2015-10-14T23:59:41.617000",
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-506"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84681"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005277"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-233"
},
{
"date": "2021-09-08T17:19:32.333000",
"db": "NVD",
"id": "CVE-2015-6720"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANRunSharedReviewEmailStep In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005277"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-233"
}
],
"trust": 0.6
}
}
var-201006-0264
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit are available through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/english/services/ba-index.php
V.
VI. CREDIT
This vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
-
VUPEN Vulnerability Notification Service (VNS) : http://www.vupen.com/english/services/vns-index.php
-
VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php
-
VUPEN Threat Protection Program for Govs (TPP) : http://www.vupen.com/english/services/tpp-index.php
-
VUPEN Web Application Security Scanner (WASS) : http://www.vupen.com/english/services/wass-index.php
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/1636 http://www.adobe.com/support/security/bulletins/apsb10-15.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
IX. DISCLOSURE TIMELINE
2009-09-06 - Vendor notified 2009-09-06 - Vendor response 2010-03-08 - Status update received 2010-06-20 - Status update received 2010-06-29 - Coordinated public Disclosure . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable.
Overview
According to Adobe, there is a vulnerability in Adobe Flash. This vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-0264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41245"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Joly of VUPEN Vulnerability Research Team",
"sources": [
{
"db": "BID",
"id": "41245"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2212",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2212",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44817",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2212",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2212",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-490",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44817",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2212",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution exploit\nare available through the VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/english/services/ba-index.php\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThis vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service (VNS) :\nhttp://www.vupen.com/english/services/vns-index.php\n\n* VUPEN Binary Analysis \u0026 Exploits Service (BAE) :\nhttp://www.vupen.com/english/services/ba-index.php\n\n* VUPEN Threat Protection Program for Govs (TPP) :\nhttp://www.vupen.com/english/services/tpp-index.php\n\n* VUPEN Web Application Security Scanner (WASS) :\nhttp://www.vupen.com/english/services/wass-index.php\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/1636\nhttp://www.adobe.com/support/security/bulletins/apsb10-15.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\n\nIX. DISCLOSURE TIMELINE\n-----------------------------\n\n2009-09-06 - Vendor notified\n2009-09-06 - Vendor response\n2010-03-08 - Status update received\n2010-06-20 - Status update received\n2010-06-29 - Coordinated public Disclosure\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. \n\n\nOverview\n\n According to Adobe, there is a vulnerability in Adobe Flash. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2212"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "BID",
"id": "41245"
},
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "PACKETSTORM",
"id": "91353"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44817",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44817"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2212",
"trust": 3.1
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.1
},
{
"db": "BID",
"id": "41245",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "91353",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-44817",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2212",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "BID",
"id": "41245"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "PACKETSTORM",
"id": "91353"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"id": "VAR-201006-0264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44817"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T20:33:51.736000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/512095/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6798"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/41245"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2212"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/512095"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/wass-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/ba-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/tpp-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/vns-index.php"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "BID",
"id": "41245"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "PACKETSTORM",
"id": "91353"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44817"
},
{
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"db": "BID",
"id": "41245"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"db": "PACKETSTORM",
"id": "91353"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44817"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41245"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"date": "2010-07-01T05:40:37",
"db": "PACKETSTORM",
"id": "91353"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"date": "2010-06-30T18:30:01.833000",
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44817"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2212"
},
{
"date": "2015-03-19T09:19:00",
"db": "BID",
"id": "41245"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001718"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-490"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2212"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-490"
}
],
"trust": 0.6
}
}
var-201106-0026
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability.". An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The following versions are vulnerable: Adobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 10.3.185.22 and prior versions for Android UPDATE (June 7, 2011): The vendor indicates there may be an impact related to the 'Authplay.dll' component of Adobe Reader and Acrobat X 10.0.3, Reader 9.x and 10.x, and Acrobat 9.x and 10.x. We will update this BID when additional details emerge. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: flash-plugin security update Advisory ID: RHSA-2011:0850-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0850.html Issue date: 2011-06-06 CVE Names: CVE-2011-2107 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. (CVE-2011-2107)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-10.3.181.22-1.el5.i386.rpm
x86_64: flash-plugin-10.3.181.22-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-10.3.181.22-1.el5.i386.rpm
x86_64: flash-plugin-10.3.181.22-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-10.3.181.22-1.el6.i686.rpm
x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-10.3.181.22-1.el6.i686.rpm
x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-10.3.181.22-1.el6.i686.rpm
x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2107.html https://access.redhat.com/security/updates/classification/#important http://www.adobe.com/support/security/bulletins/apsb11-13.html
- Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFN7OqAXlSAg2UNWIIRApgjAKCldmXlUbDzD/uUwi8XnweoaBZ00gCeIzcZ 1XCuXnfYCW/M6oYmVu+sw+U= =AUfZ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-11
http://security.gentoo.org/
Severity: Normal Title: Adobe Flash Player: Multiple vulnerabilities Date: October 13, 2011 Bugs: #354207, #359019, #363179, #367031, #370215, #372899, #378637, #384017 ID: 201110-11
Synopsis
Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Impact
By enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.8,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.159.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.3.181.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.2.157.51"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.262.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.68.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.2.152"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.19.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.283.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.2.152.32"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.155.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.61.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.67.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.14.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.73.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.53.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.66.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.60.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.16 for chrome users"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.181.16 network distribution"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.3.185.22 for android"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server supplementary eus",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "rhel supplementary long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6 (server)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1004"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375127"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1033"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1044"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.391.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1012"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1039"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.539.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.434.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1031"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.399.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.365.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.474.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.2"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.249.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.326.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.47255"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.76"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.40"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.530.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.348.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1010"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.27"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.11"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.82"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.395.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.28"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1051"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "ne",
"trust": 0.3,
"vendor": "research",
"version": "1.0.5.2342"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1061"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.385.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.319.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.445.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.443.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.296.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.374.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.275.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.417.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1043"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1049"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.71"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.407.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1057"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.518.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.346.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.421.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.51"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.390.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.27"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.438.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.462.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.12"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.368.0"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.87"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.126"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.481.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.489.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.393.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.362.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.423.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.323.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.93"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.370.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.380.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.512.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.419.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.361.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1018"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.58"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.4.154.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.483.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.467.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.435.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.278.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.413.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.452.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1017"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.537.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.0"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.379.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.513.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.453.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1062"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.490.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1020"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.469.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1042"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1058"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.158.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.49"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.334.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.506.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1054"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.414.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.53"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.494.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.484.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1030"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.85"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.328.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.22"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.482.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.479.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.381.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.394.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.415.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.364.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.521.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.520.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.349.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1022"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.528.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.476.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491064"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.61"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.345.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.325.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1026"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.431.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.347.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.185.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.498.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.412.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.83"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1038"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.406.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.515.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.416.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.445.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.409.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.329.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1006"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.315.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.499.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.32"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.54"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.277.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.47"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.384.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.69"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.170.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.1"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.157.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.422.0"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.3.154.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.61"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.503.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.299.0"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.193.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.371.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.8"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.169.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.272.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.169.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.411.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.288.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.452.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.496.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.363.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.294.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.367.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1016"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1045"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.36"
},
{
"model": "chrome beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.454.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.28"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.453.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.337.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.301.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.507.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.96"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.91"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1032"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.80"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.473.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.441.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1040"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.157.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.88"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.440.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.426.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.343.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.355.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.327.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.477.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1055"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.67"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.401.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.516.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.430.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.493.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.457.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.29"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.308.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.92"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.401.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.495.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.40"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1019"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491036"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.522.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.341.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.95"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.54"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.152.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.46"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.338.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.451.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1015"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.398.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.195.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.480.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.28"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.427.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375125"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1024"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.222.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.276.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.544.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1041"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1021"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.336.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.305.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.61"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1034"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.98"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.320.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.65"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.224.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.339.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.424.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1035"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.288.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.478.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.540.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.465.2"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.3.181.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.542.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37599"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.330.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1014"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.212.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.529.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1001"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.492.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.510.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.3.1549"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.410.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.79"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1056"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.45"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.292.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.405.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.212.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.153.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.49"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1029"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.378.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.2.149.30"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1037"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1060"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.249.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.547.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.300.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.509.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.387.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.97"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.290.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.40"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.386.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.425.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.485.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.486.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.372.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.514.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.392.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.403.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.221.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.45"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1063"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.72"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.304.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.289.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1028"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.51"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.4.154.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.487.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.19"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1046"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.303.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.2491059"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.332.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.159.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.73"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.41"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.275.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.340.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1013"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.436.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1023"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.373.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.397.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.353.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.511.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.531.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.89"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.70"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.491.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.535.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.470.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.461.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.446.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.321.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.357.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.459.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.541.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.81"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.333.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.313.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.475.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.524.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.351.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "1.0.154.42"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.471.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1027"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.396.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.415.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.428.0"
},
{
"model": "in motion blackberry playbook tablet software",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "1.0.5.2304"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.309.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.460.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.4.154.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.344.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1008"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.156.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1053"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.455.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.488.0"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.526.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.449.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.190.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.505.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.400.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.497.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.287.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.286.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.302.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.444.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.358.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.223.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.548.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.58"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1007"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1047"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.456.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1052"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.525.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.490.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.53"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1009"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.74"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.495.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.432.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.249.89"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.500.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.324.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1048"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1050"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.47"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.433.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.416.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.52"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.4.154.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "2.0.172.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.43"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "3.0.182.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.504.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.316.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.90"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.464.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.271.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.53"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.3.154.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.359.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.383.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.376.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.465.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1025"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.33"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.0.295.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.536.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37586"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.538.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.519.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.318.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.249.1011"
}
],
"sources": [
{
"db": "BID",
"id": "48107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:flash_player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary_eus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_long_life",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google",
"sources": [
{
"db": "BID",
"id": "48107"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2107",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2107",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-50052",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2107",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-2107",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201106-043",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50052",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\". \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nThe following versions are vulnerable:\nAdobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems\nAdobe Flash Player 10.3.185.22 and prior versions for Android\nUPDATE (June 7, 2011): The vendor indicates there may be an impact related to the \u0027Authplay.dll\u0027 component of Adobe Reader and Acrobat X 10.0.3, Reader 9.x and 10.x, and Acrobat 9.x and 10.x. We will update this BID when additional details emerge. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: flash-plugin security update\nAdvisory ID: RHSA-2011:0850-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-0850.html\nIssue date: 2011-06-06\nCVE Names: CVE-2011-2107 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes one security issue is now \navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for each \nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. This \nvulnerability is detailed on the Adobe security page APSB11-13, listed in \nthe References section. (CVE-2011-2107)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.181.22\n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2107.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.adobe.com/support/security/bulletins/apsb11-13.html\n\n8. Contact:\n\nThe Red Hat security contact is \u0026lt;secalert@redhat.com\u0026gt;. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFN7OqAXlSAg2UNWIIRApgjAKCldmXlUbDzD/uUwi8XnweoaBZ00gCeIzcZ\n1XCuXnfYCW/M6oYmVu+sw+U=\n=AUfZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201110-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Flash Player: Multiple vulnerabilities\n Date: October 13, 2011\n Bugs: #354207, #359019, #363179, #367031, #370215, #372899,\n #378637, #384017\n ID: 201110-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Flash Player might allow remote\nattackers to execute arbitrary code or cause a Denial of Service. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nImpact\n======\n\nBy enticing a user to open a specially crafted SWF file a remote\nattacker could cause a Denial of Service or the execution of arbitrary\ncode with the privileges of the user running the application. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "BID",
"id": "48107"
},
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "PACKETSTORM",
"id": "102036"
},
{
"db": "PACKETSTORM",
"id": "105802"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50052",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2107",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "44846",
"trust": 2.5
},
{
"db": "BID",
"id": "48107",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025603",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "44847",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "44872",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "44871",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "44946",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1025658",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "16910",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "102036",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "BID",
"id": "48107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "PACKETSTORM",
"id": "102036"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"id": "VAR-201106-0026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
}
],
"trust": 0.6574074
},
"last_update_date": "2024-09-19T21:01:06.100000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-13",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"title": "APSB11-13 (cpsid_90656)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/906/cpsid_90656.html"
},
{
"title": "APSB11-13",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-13.html"
},
{
"title": "RHSA-2011:0850",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0850.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/44846"
},
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/48107"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/44847"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/44871"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/44872"
},
{
"trust": 1.4,
"url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html"
},
{
"trust": 1.4,
"url": "http://www.blackberry.com/btsc/kb27240"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13762"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0850.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025603"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025658"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/44946"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.1,
"url": "https://hermes.opensuse.org/messages/8704566"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67838"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2107"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2107"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025603"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16910"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0850.html"
},
{
"trust": 0.1,
"url": "http://kbase.redhat.com/faq/docs/doc-11259"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2107.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "BID",
"id": "48107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "PACKETSTORM",
"id": "102036"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50052"
},
{
"db": "BID",
"id": "48107"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"db": "PACKETSTORM",
"id": "102036"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-50052"
},
{
"date": "2011-06-05T00:00:00",
"db": "BID",
"id": "48107"
},
{
"date": "2011-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"date": "2011-06-07T01:41:09",
"db": "PACKETSTORM",
"id": "102036"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2011-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"date": "2011-06-09T02:38:36.213000",
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50052"
},
{
"date": "2015-03-19T09:10:00",
"db": "BID",
"id": "48107"
},
{
"date": "2011-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001710"
},
{
"date": "2011-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-043"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2011-2107"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001710"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-043"
}
],
"trust": 0.6
}
}
var-201510-0357
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerability than CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of specific fields. A specially crafted PDF file with a specific combination of fields can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0357",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6686",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6686",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6686",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84647",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6686",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6686",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6686",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-199",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84647",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "VULHUB",
"id": "VHN-84647"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerability than CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of specific fields. A specially crafted PDF file with a specific combination of fields can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6686"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-84647"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6686",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2958",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84647",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "VULHUB",
"id": "VHN-84647"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"id": "VAR-201510-0357",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84647"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.537000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58048"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84647"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6686"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6686"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "VULHUB",
"id": "VHN-84647"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"db": "VULHUB",
"id": "VHN-84647"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84647"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"date": "2015-10-14T23:59:07.733000",
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-466"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84647"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005243"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-199"
},
{
"date": "2021-09-08T17:19:31.513000",
"db": "NVD",
"id": "CVE-2015-6686"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005243"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-199"
}
],
"trust": 0.6
}
}
var-201505-0295
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AFNSimple_Calculate function. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat pro",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dave Weinstein - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3069",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3069",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3069",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81030",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3069",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3069",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3069",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-182",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81030",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "VULHUB",
"id": "VHN-81030"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AFNSimple_Calculate function. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81030"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3069",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-205",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2696",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-81030",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "VULHUB",
"id": "VHN-81030"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"id": "VAR-201505-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81030"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.541000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81030"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-205"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3069"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3069"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "VULHUB",
"id": "VHN-81030"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"db": "VULHUB",
"id": "VHN-81030"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81030"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"date": "2015-05-13T11:00:03.873000",
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-205"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81030"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002647"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-182"
},
{
"date": "2017-01-05T20:06:04.090000",
"db": "NVD",
"id": "CVE-2015-3069"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-182"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002647"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201510-0345
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6698. This vulnerability CVE-2015-6698 and CVE-2015-8458 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. A specially crafted PDF with multiple layers can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6696",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6696",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6696",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84657",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6696",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6696",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6696",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-209",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84657",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6696",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6698. This vulnerability CVE-2015-6698 and CVE-2015-8458 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. A specially crafted PDF with multiple layers can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6696"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "VULMON",
"id": "CVE-2015-6696"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6696",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-569",
"trust": 2.5
},
{
"db": "BID",
"id": "77068",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3002",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-84657",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6696",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"id": "VAR-201510-0345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84657"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.167000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58058"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/77068"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-569"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6696"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6696"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"db": "VULHUB",
"id": "VHN-84657"
},
{
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-16T00:00:00",
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84657"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77068"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"date": "2015-10-14T23:59:18.207000",
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-16T00:00:00",
"db": "ZDI",
"id": "ZDI-15-569"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84657"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6696"
},
{
"date": "2015-12-07T22:23:00",
"db": "BID",
"id": "77068"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005253"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-209"
},
{
"date": "2021-09-08T17:19:31.750000",
"db": "NVD",
"id": "CVE-2015-6696"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005253"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-209"
}
],
"trust": 0.6
}
}
var-201505-0314
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the app.Monitors().select method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3063",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3063",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3063",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81024",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3063",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3063",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3063",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-176",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81024",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "VULHUB",
"id": "VHN-81024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the app.Monitors().select method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3063"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81024"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3063",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-203",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2697",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81024",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "VULHUB",
"id": "VHN-81024"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"id": "VAR-201505-0314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81024"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81024"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-203"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3063"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3063"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "VULHUB",
"id": "VHN-81024"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"db": "VULHUB",
"id": "VHN-81024"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81024"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"date": "2015-05-13T10:59:58.137000",
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-203"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81024"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002641"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-176"
},
{
"date": "2017-01-05T19:54:33.387000",
"db": "NVD",
"id": "CVE-2015-3063"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-176"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002641"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201601-0599
Vulnerability from variot
The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AcroForm plugin. A specially crafted PDF file can force Adobe Reader DC to read memory past the end of an allocated object. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the AcroForm plug-in for several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0599",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0938",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0938",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0938",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88448",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0938",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0938",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0938",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-0938",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-238",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88448",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "VULHUB",
"id": "VHN-88448"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AcroForm plugin. A specially crafted PDF file can force Adobe Reader DC to read memory past the end of an allocated object. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the AcroForm plug-in for several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0938"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88448"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0938",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3265",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88448",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "VULHUB",
"id": "VHN-88448"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"id": "VAR-201601-0599",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88448"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.223000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59585"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88448"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-013"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0938"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0938"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "VULHUB",
"id": "VHN-88448"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"db": "VULHUB",
"id": "VHN-88448"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88448"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"date": "2016-01-14T05:59:07.060000",
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-013"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88448"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001040"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-238"
},
{
"date": "2016-12-07T23:43:29.143000",
"db": "NVD",
"id": "CVE-2016-0938"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of AcroForm Vulnerability to execute arbitrary code in plug-in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001040"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-238"
}
],
"trust": 0.6
}
}
var-201505-0311
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3073. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 and CVE-2015-3073 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ScriptBridgeUtils. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lokihardt@ASRT",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3074",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3074",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3074",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81035",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3074",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3074",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3074",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-187",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81035",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "VULHUB",
"id": "VHN-81035"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3073. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 and CVE-2015-3073 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ScriptBridgeUtils. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81035"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3074",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-198",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2668",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81035",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "VULHUB",
"id": "VHN-81035"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"id": "VAR-201505-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81035"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.789000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81035"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-198"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3074"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3074"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "VULHUB",
"id": "VHN-81035"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"db": "VULHUB",
"id": "VHN-81035"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81035"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"date": "2015-05-13T11:00:08.047000",
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-198"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81035"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002652"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-187"
},
{
"date": "2017-01-05T20:04:10.700000",
"db": "NVD",
"id": "CVE-2015-3074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-187"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002652"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201309-0152
Vulnerability from variot
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355. Adobe Acrobat and Reader are prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Note: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0152",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62431"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62431"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3352",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3352",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63354",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3352",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3352",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-147",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63354",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355. Adobe Acrobat and Reader are prone to a memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nNote: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3352"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "BID",
"id": "62431"
},
{
"db": "VULHUB",
"id": "VHN-63354"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3352",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147",
"trust": 0.7
},
{
"db": "BID",
"id": "62431",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63354",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63354"
},
{
"db": "BID",
"id": "62431"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"id": "VAR-201309-0152",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63354"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:28:01.879000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18590"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3352"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3352"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63354"
},
{
"db": "BID",
"id": "62431"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63354"
},
{
"db": "BID",
"id": "62431"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63354"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62431"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"date": "2013-09-12T13:28:24.480000",
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63354"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62431"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004077"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-147"
},
{
"date": "2017-09-19T01:36:40.407000",
"db": "NVD",
"id": "CVE-2013-3352"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004077"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-147"
}
],
"trust": 0.6
}
}
var-201412-0507
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165. This vulnerability CVE-2014-8455 and CVE-2014-9165 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0507",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71562"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Corbin Souffrant, Armin Buescher and Dan Caselden of FireEye.",
"sources": [
{
"db": "BID",
"id": "71562"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8454",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8454",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76399",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8454",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8454",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-229",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76399",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76399"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165. This vulnerability CVE-2014-8455 and CVE-2014-9165 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8454"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "BID",
"id": "71562"
},
{
"db": "VULHUB",
"id": "VHN-76399"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8454",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229",
"trust": 0.7
},
{
"db": "BID",
"id": "71562",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76399",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76399"
},
{
"db": "BID",
"id": "71562"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"id": "VAR-201412-0507",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76399"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:46:38.619000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8454"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8454"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76399"
},
{
"db": "BID",
"id": "71562"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76399"
},
{
"db": "BID",
"id": "71562"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76399"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71562"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"date": "2014-12-10T21:59:25.413000",
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76399"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71562"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005929"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-229"
},
{
"date": "2014-12-12T01:31:45.283000",
"db": "NVD",
"id": "CVE-2014-8454"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-229"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005929"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "71562"
}
],
"trust": 0.3
}
}
var-201102-0066
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46216"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "46216"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0594",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0594",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48539",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0594",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0594",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-141",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48539",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0594"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "BID",
"id": "46216"
},
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0594",
"trust": 2.9
},
{
"db": "BID",
"id": "46216",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65299",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48539",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "BID",
"id": "46216"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"id": "VAR-201102-0066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48539"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:46:46.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46216"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12444"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65299"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0594"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65299"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0594"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "BID",
"id": "46216"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48539"
},
{
"db": "BID",
"id": "46216"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48539"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46216"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"date": "2011-02-10T18:00:58.583000",
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48539"
},
{
"date": "2015-03-19T08:46:00",
"db": "BID",
"id": "46216"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001206"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-141"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0594"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001206"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-141"
}
],
"trust": 0.6
}
}
var-201505-0292
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3055 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Text Annotations. A specially crafted Text Annotation can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0292",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bilou",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3059",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3059",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3059",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81020",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3059",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3059",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3059",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-172",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81020",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "VULHUB",
"id": "VHN-81020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3055 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Text Annotations. A specially crafted Text Annotation can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3059"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "VULHUB",
"id": "VHN-81020"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3059",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-212",
"trust": 1.8
},
{
"db": "BID",
"id": "74602",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2715",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81020",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "VULHUB",
"id": "VHN-81020"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"id": "VAR-201505-0292",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81020"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.352000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81020"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74602"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-212"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3059"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3059"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "VULHUB",
"id": "VHN-81020"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"db": "VULHUB",
"id": "VHN-81020"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81020"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"date": "2015-05-13T10:59:54.590000",
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-212"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81020"
},
{
"date": "2015-05-15T00:10:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002637"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-172"
},
{
"date": "2017-01-05T20:09:25.163000",
"db": "NVD",
"id": "CVE-2015-3059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002637"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
}
}
var-201102-0022
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0567 and CVE-2011-0603 Is a different vulnerability.Arbitrary code execution or service disruption via a crafted image by a third party (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0022",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46198"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "46198"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0566",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0566",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48511",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0566",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0566",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-154",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48511",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0566",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0567 and CVE-2011-0603 Is a different vulnerability.Arbitrary code execution or service disruption via a crafted image by a third party (DoS) There is a possibility of being put into a state. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0566"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "BID",
"id": "46198"
},
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0566",
"trust": 3.0
},
{
"db": "BID",
"id": "46198",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48511",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"db": "BID",
"id": "46198"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"id": "VAR-201102-0022",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48511"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:11:04.554000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/46198"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12630"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0566"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0566"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"db": "BID",
"id": "46198"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48511"
},
{
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"db": "BID",
"id": "46198"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48511"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46198"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"date": "2011-02-10T18:00:58.037000",
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48511"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0566"
},
{
"date": "2015-03-19T09:11:00",
"db": "BID",
"id": "46198"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001193"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-154"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0566"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001193"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-154"
}
],
"trust": 0.6
}
}
var-201505-0301
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore enumerate method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0301",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3067",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3067",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81028",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3067",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3067",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3067",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-180",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81028",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "VULHUB",
"id": "VHN-81028"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore enumerate method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81028"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3067",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-201",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2691",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81028",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "VULHUB",
"id": "VHN-81028"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"id": "VAR-201505-0301",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81028"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.192000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81028"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-201"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3067"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3067"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "VULHUB",
"id": "VHN-81028"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"db": "VULHUB",
"id": "VHN-81028"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81028"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"date": "2015-05-13T11:00:02.157000",
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-201"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81028"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002645"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-180"
},
{
"date": "2017-01-05T19:48:53.937000",
"db": "NVD",
"id": "CVE-2015-3067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-180"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002645"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201309-0159
Vulnerability from variot
Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357. This vulnerability CVE-2013-3357 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the improper bounds checking of a U3D PCX external texture. The application performs insufficient bounds checking on user supplied data passed in which results in a heap buffer overflow. Adobe Acrobat and Reader are prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. Note: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0159",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "BID",
"id": "62430"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vulnazoid",
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
}
],
"trust": 0.7
},
"cve": "CVE-2013-3358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3358",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3358",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63360",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3358",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3358",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2013-3358",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-153",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63360",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "VULHUB",
"id": "VHN-63360"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357. This vulnerability CVE-2013-3357 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the improper bounds checking of a U3D PCX external texture. The application performs insufficient bounds checking on user supplied data passed in which results in a heap buffer overflow. Adobe Acrobat and Reader are prone to a heap-based buffer-overflow vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. \nNote: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3358"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "BID",
"id": "62430"
},
{
"db": "VULHUB",
"id": "VHN-63360"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3358",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-13-230",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1931",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153",
"trust": 0.7
},
{
"db": "BID",
"id": "62430",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63360",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "VULHUB",
"id": "VHN-63360"
},
{
"db": "BID",
"id": "62430"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"id": "VAR-201309-0159",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63360"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:30:18.540000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.1
},
{
"problemtype": "CWE-94",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63360"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18969"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3358"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3358"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-13-230/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "VULHUB",
"id": "VHN-63360"
},
{
"db": "BID",
"id": "62430"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"db": "VULHUB",
"id": "VHN-63360"
},
{
"db": "BID",
"id": "62430"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-11T00:00:00",
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63360"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62430"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"date": "2013-09-12T13:28:24.547000",
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-11T00:00:00",
"db": "ZDI",
"id": "ZDI-13-230"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63360"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62430"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004083"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-153"
},
{
"date": "2017-09-19T01:36:40.890000",
"db": "NVD",
"id": "CVE-2013-3358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004083"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-153"
}
],
"trust": 0.6
}
}
var-201601-0603
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc of HPE\u0027s Zero Day Initiative, Mahinthan Chandramohan, Wei Lei and Liu Yang working with iDefense\u0027s Vulnerability Contributor Program, Jaanus Kp of Clarified Security, working with HPE\u0027s Zero Day Initiative, Chris Navarrete of Fortinet\u0027s FortiG",
"sources": [
{
"db": "BID",
"id": "80361"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0942",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0942",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88452",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0942",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0942",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0942",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-242",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88452",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88452"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0942"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88452"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0942",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88452",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88452"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"id": "VAR-201601-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88452"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59589"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88452"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0942"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0942"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88452"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88452"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88452"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"date": "2016-01-14T05:59:11.080000",
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88452"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001044"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-242"
},
{
"date": "2016-12-07T23:42:03.630000",
"db": "NVD",
"id": "CVE-2016-0942"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-242"
}
],
"trust": 0.6
}
}
var-201208-0727
Vulnerability from variot
Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote stack-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in arbitrary code execution or a Denial of Service condition. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following products: * Adobe Reader X and Acrobat X versions 10.1.3 and prior for Windows and Macintosh.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0727",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55024"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pavel Polischouk of TELUS Security Labs.",
"sources": [
{
"db": "BID",
"id": "55024"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2049",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2049",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-55330",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2049",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2049",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-243",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-55330",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-2049",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote stack-based buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile, possibly resulting in arbitrary code execution or a Denial of\nService condition. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following products:\n* Adobe Reader X and Acrobat X versions 10.1.3 and prior for Windows\nand Macintosh. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2049"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "BID",
"id": "55024"
},
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2049",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20331",
"trust": 0.6
},
{
"db": "BID",
"id": "55024",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55330",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"db": "BID",
"id": "55024"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"id": "VAR-201208-0727",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55330"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:05:21.446000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15463"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2049"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2049"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20331"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"db": "BID",
"id": "55024"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55330"
},
{
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"db": "BID",
"id": "55024"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-55330"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55024"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"date": "2012-08-15T10:31:40.943000",
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-55330"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2049"
},
{
"date": "2013-08-26T00:17:00",
"db": "BID",
"id": "55024"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003632"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-243"
},
{
"date": "2017-09-19T01:34:56.260000",
"db": "NVD",
"id": "CVE-2012-2049"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003632"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-243"
}
],
"trust": 0.6
}
}
var-201208-0434
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0434",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55020"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55020"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4159",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4159",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57440",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4159",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4159",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-258",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57440",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4159"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "BID",
"id": "55020"
},
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4159",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20335",
"trust": 0.6
},
{
"db": "BID",
"id": "55020",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57440",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "BID",
"id": "55020"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"id": "VAR-201208-0434",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57440"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:16:22.272000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16346"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4159"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4159"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20335"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "BID",
"id": "55020"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57440"
},
{
"db": "BID",
"id": "55020"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57440"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55020"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"date": "2012-08-15T10:31:41.663000",
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57440"
},
{
"date": "2013-08-26T08:09:00",
"db": "BID",
"id": "55020"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003647"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-258"
},
{
"date": "2017-09-19T01:35:17.293000",
"db": "NVD",
"id": "CVE-2012-4159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003647"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-258"
}
],
"trust": 0.6
}
}
var-201009-0242
Vulnerability from variot
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. Adobe Reader and Acrobat contains a buffer overflow vulnerability. Adobe Reader and Acrobat for, CoolType.dll There is a buffer overflow vulnerability due to the font analysis code of this application. Attacks exploiting this vulnerability have been confirmed.Crafted PDF When a user views the document, arbitrary code may be executed or a denial of service may occur. (DoS) You may be attacked. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-279A
Adobe Reader and Acrobat Affected by Multiple Vulnerabilities
Original release date: October 06, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh, and UNIX
* Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh
* Adobe Reader 8.2.4 and earlier versions for Windows, Macintosh, and UNIX
* Adobe Acrobat 8.2.4 and earlier versions for Windows and Macintosh
Overview
Adobe has released Security Bulletin APSB10-21, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
I.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
II.
III. Solution
Update
Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-279A Feedback VU#491991" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
October 06, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTKxxvD6pPKYJORa3AQIL3wgAp2tynQw73VA+B70fuEl+os17BeVaP8zn 5aoWS6QBRx+Q8Ijw1wnKT1sF4IWaDWTWqPo0yt6MLx8WwO2ei8WaB+aMOwy9ZBo3 BbCOPSM63/3jBrJuCDs4x2PhZDzg2GJf4Zw8NN2oCSOXMxYGhx16QQzo2lY35CBJ cvCSiLtNQuqpnvNMi2DJhArwxStK9Un2fli7IqwXzC6+RIgrk1l/EAM/6CO2+AwJ Se0bDWBjwR5YverLEXoLuBbF0lHvQ0+V/vT5Q/zBDYUwcWkBL2n7NwdbKI9pYZxL 8Te7YapqAnMNgI1/PnYI/W369Vq3U6QoQVVR9ZoyLGw8x0A57cpU2g== =Rc0h -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Windows Applications Insecure Library Loading
The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/
The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected.
TITLE: Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA41340
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41340/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41340
RELEASE DATE: 2010-09-08
DISCUSS ADVISORY: http://secunia.com/advisories/41340/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/41340/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=41340
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been discovered in Adobe Reader, which can be exploited by malicious people to compromise a user's system.
The vulnerability is confirmed in versions 8.2.4 and 9.3.4.
SOLUTION: Do not open untrusted files.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201101-08
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 21, 2011 Bugs: #336508, #343091 ID: 201101-08
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"
References
[ 1 ] APSB10-21 http://www.adobe.com/support/security/bulletins/apsb10-21.html [ 2 ] APSB10-28 http://www.adobe.com/support/security/bulletins/apsb10-28.html [ 3 ] CVE-2010-2883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883 [ 4 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 5 ] CVE-2010-2887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887 [ 6 ] CVE-2010-2889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889 [ 7 ] CVE-2010-2890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890 [ 8 ] CVE-2010-3619 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619 [ 9 ] CVE-2010-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620 [ 10 ] CVE-2010-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621 [ 11 ] CVE-2010-3622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622 [ 12 ] CVE-2010-3625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625 [ 13 ] CVE-2010-3626 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626 [ 14 ] CVE-2010-3627 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627 [ 15 ] CVE-2010-3628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628 [ 16 ] CVE-2010-3629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629 [ 17 ] CVE-2010-3630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630 [ 18 ] CVE-2010-3632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632 [ 19 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 20 ] CVE-2010-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656 [ 21 ] CVE-2010-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657 [ 22 ] CVE-2010-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658 [ 23 ] CVE-2010-4091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201101-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201009-0242",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "turbolinux client",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "5 (server)"
},
{
"model": "rhel desktop supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat enterprise linux extras",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "adobe reader",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "adobe acrobat",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "linux enterprise desktop sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise desktop sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "BID",
"id": "43057"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mila Parkour",
"sources": [
{
"db": "BID",
"id": "43057"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2883",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2883",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-45488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.3,
"id": "CVE-2010-2883",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2010-2883",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2883",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#491991",
"trust": 0.8,
"value": "61.51"
},
{
"author": "NVD",
"id": "CVE-2010-2883",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201009-077",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45488",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2883",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. Adobe Reader and Acrobat contains a buffer overflow vulnerability. Adobe Reader and Acrobat for, CoolType.dll There is a buffer overflow vulnerability due to the font analysis code of this application. Attacks exploiting this vulnerability have been confirmed.Crafted PDF When a user views the document, arbitrary code may be executed or a denial of service may occur. (DoS) You may be attacked. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). This fixes multiple\nvulnerabilities, which can be exploited by malicious, local users to\ngain escalated privileges and by malicious people to compromise a\nuser\u0027s system. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-279A\n\n\nAdobe Reader and Acrobat Affected by Multiple Vulnerabilities\n\n Original release date: October 06, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh, and UNIX\n * Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh\n * Adobe Reader 8.2.4 and earlier versions for Windows, Macintosh, and UNIX\n * Adobe Acrobat 8.2.4 and earlier versions for Windows and Macintosh\n\n\nOverview\n\n Adobe has released Security Bulletin APSB10-21, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. \n\n\nI. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-279A Feedback VU#491991\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n October 06, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTKxxvD6pPKYJORa3AQIL3wgAp2tynQw73VA+B70fuEl+os17BeVaP8zn\n5aoWS6QBRx+Q8Ijw1wnKT1sF4IWaDWTWqPo0yt6MLx8WwO2ei8WaB+aMOwy9ZBo3\nBbCOPSM63/3jBrJuCDs4x2PhZDzg2GJf4Zw8NN2oCSOXMxYGhx16QQzo2lY35CBJ\ncvCSiLtNQuqpnvNMi2DJhArwxStK9Un2fli7IqwXzC6+RIgrk1l/EAM/6CO2+AwJ\nSe0bDWBjwR5YverLEXoLuBbF0lHvQ0+V/vT5Q/zBDYUwcWkBL2n7NwdbKI9pYZxL\n8Te7YapqAnMNgI1/PnYI/W369Vq3U6QoQVVR9ZoyLGw8x0A57cpU2g==\n=Rc0h\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\nWindows Applications Insecure Library Loading\n\nThe Official, Verified Secunia List:\nhttp://secunia.com/advisories/windows_insecure_library_loading/\n\nThe list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. \n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA41340\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/41340/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41340\n\nRELEASE DATE:\n2010-09-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/41340/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/41340/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41340\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in Adobe Reader, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is confirmed in versions 8.2.4 and 9.3.4. \n\nSOLUTION:\nDo not open untrusted files. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201101-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 21, 2011\n Bugs: #336508, #343091\n ID: 201101-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.1\"\n\nReferences\n==========\n\n [ 1 ] APSB10-21\n http://www.adobe.com/support/security/bulletins/apsb10-21.html\n [ 2 ] APSB10-28\n http://www.adobe.com/support/security/bulletins/apsb10-28.html\n [ 3 ] CVE-2010-2883\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883\n [ 4 ] CVE-2010-2884\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884\n [ 5 ] CVE-2010-2887\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887\n [ 6 ] CVE-2010-2889\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889\n [ 7 ] CVE-2010-2890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890\n [ 8 ] CVE-2010-3619\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619\n [ 9 ] CVE-2010-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620\n [ 10 ] CVE-2010-3621\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621\n [ 11 ] CVE-2010-3622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622\n [ 12 ] CVE-2010-3625\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625\n [ 13 ] CVE-2010-3626\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626\n [ 14 ] CVE-2010-3627\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627\n [ 15 ] CVE-2010-3628\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628\n [ 16 ] CVE-2010-3629\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629\n [ 17 ] CVE-2010-3630\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630\n [ 18 ] CVE-2010-3632\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632\n [ 19 ] CVE-2010-3654\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654\n [ 20 ] CVE-2010-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656\n [ 21 ] CVE-2010-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657\n [ 22 ] CVE-2010-3658\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658\n [ 23 ] CVE-2010-4091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201101-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2883"
},
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "BID",
"id": "43057"
},
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "PACKETSTORM",
"id": "93611"
},
{
"db": "PACKETSTORM",
"id": "97734"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=16619",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-45488",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2883",
"trust": 4.6
},
{
"db": "SECUNIA",
"id": "41340",
"trust": 3.5
},
{
"db": "CERT/CC",
"id": "VU#491991",
"trust": 2.9
},
{
"db": "BID",
"id": "43057",
"trust": 2.3
},
{
"db": "USCERT",
"id": "TA10-279A",
"trust": 2.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2331",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0344",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2010-2573",
"trust": 0.8
},
{
"db": "XF",
"id": "61635",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-279A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA15-119A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "16619",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "93627",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16494",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71008",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88893",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-45488",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2883",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93611",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "BID",
"id": "43057"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "PACKETSTORM",
"id": "93611"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"id": "VAR-201009-0242",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-45488"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:40:03.522000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TA10-279A",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-02.html"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100743 - Security Advisory"
},
{
"title": "myblog",
"trust": 0.1,
"url": "https://github.com/Zhouyi827/myblog "
},
{
"title": "rop-collection",
"trust": 0.1,
"url": "https://github.com/season-lab/rop-collection "
},
{
"title": "articles",
"trust": 0.1,
"url": "https://github.com/xinali/articles "
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/the-spring-dragon-apt/70726/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/monthly-malware-statistics-october-2010/36327/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-issues-huge-patch-reader-and-acrobat-100610/74551/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-release-critical-reader-patch-early-100110/74540/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-exploit-bypasses-aslr-and-dep-drops-signed-malicious-file-090910/74445/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-adobe-pdf-zero-day-flaw-under-attack-090810/74442/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://secunia.com/advisories/41340"
},
{
"trust": 2.9,
"url": "http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html"
},
{
"trust": 2.7,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/491991"
},
{
"trust": 2.0,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/43057"
},
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/2331"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-02.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11586"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0743.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"trust": 1.2,
"url": "http://www.turbolinux.co.jp/security/2011/tlsa-2011-2j.txt"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0344"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61635"
},
{
"trust": 1.1,
"url": "http://blogs.technet.com/b/srd/archive/2010/09/10/use-emet-2-0-to-block-the-adobe-0-day-exploit.aspx"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu491991"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-279a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99041988/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-24"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2883"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100026.txt"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-279a.html"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta15-119a"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20101006-adobe.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/61635"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2573"
},
{
"trust": 0.4,
"url": "http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html"
},
{
"trust": 0.3,
"url": "https://www.rafzar.com/node/22"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/zhouyi827/myblog"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/16619/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=21550"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43025"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/#comments"
},
{
"trust": 0.1,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201101-08.xml"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/491991\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41340"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/windows_insecure_library_loading/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/41340/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/41340/#comments"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "BID",
"id": "43057"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "PACKETSTORM",
"id": "93611"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#491991"
},
{
"db": "VULHUB",
"id": "VHN-45488"
},
{
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"db": "BID",
"id": "43057"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "94535"
},
{
"db": "PACKETSTORM",
"id": "93611"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-14T00:00:00",
"db": "CERT/CC",
"id": "VU#491991"
},
{
"date": "2010-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-45488"
},
{
"date": "2010-09-09T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"date": "2010-09-08T00:00:00",
"db": "BID",
"id": "43057"
},
{
"date": "2010-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"date": "2011-01-24T07:05:02",
"db": "PACKETSTORM",
"id": "97778"
},
{
"date": "2010-10-06T21:20:41",
"db": "PACKETSTORM",
"id": "94535"
},
{
"date": "2010-09-08T06:01:23",
"db": "PACKETSTORM",
"id": "93611"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"date": "2010-09-09T22:00:02.250000",
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-29T00:00:00",
"db": "CERT/CC",
"id": "VU#491991"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-45488"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2883"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "43057"
},
{
"date": "2024-07-05T06:01:00",
"db": "JVNDB",
"id": "JVNDB-2010-002088"
},
{
"date": "2011-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-077"
},
{
"date": "2024-06-28T14:16:27.380000",
"db": "NVD",
"id": "CVE-2010-2883"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Font Parsing Buffer Overflow Vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#491991"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201009-077"
}
],
"trust": 0.6
}
}
var-201208-0439
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0439",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55018"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55018"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4157",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4157",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57438",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4157",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4157",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-256",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57438",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4157"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "BID",
"id": "55018"
},
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4157",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20337",
"trust": 0.6
},
{
"db": "BID",
"id": "55018",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57438",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "BID",
"id": "55018"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"id": "VAR-201208-0439",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57438"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:26:22.935000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44040"
},
{
"title": "AdbeRdrUpd952_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44044"
},
{
"title": "AcroProUpd952_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44039"
},
{
"title": "AdbeRdrUpd952_all_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44043"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44038"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15749"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4157"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4157"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20337"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "BID",
"id": "55018"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57438"
},
{
"db": "BID",
"id": "55018"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57438"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55018"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"date": "2012-08-15T10:31:41.587000",
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57438"
},
{
"date": "2013-08-26T06:14:00",
"db": "BID",
"id": "55018"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003645"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-256"
},
{
"date": "2017-09-19T01:35:17.153000",
"db": "NVD",
"id": "CVE-2012-4157"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003645"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-256"
}
],
"trust": 0.6
}
}
var-201510-0365
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6695, and CVE-2015-7622. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6695 , CVE-2015-7622 ,and CVE-2015-7650 Is a different vulnerability.By the attacker, fillColor Arbitrary code may be executed or a service may be disrupted through a crafted use of attributes ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the fillColor attribute. By setting the fillColor attribute to a specially crafted array an attacker can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0365",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6694",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6694",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6694",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84655",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6694",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6694",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6694",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-207",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84655",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "VULHUB",
"id": "VHN-84655"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6695, and CVE-2015-7622. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6695 , CVE-2015-7622 ,and CVE-2015-7650 Is a different vulnerability.By the attacker, fillColor Arbitrary code may be executed or a service may be disrupted through a crafted use of attributes ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the fillColor attribute. By setting the fillColor attribute to a specially crafted array an attacker can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6694"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-84655"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6694",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3015",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84655",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "VULHUB",
"id": "VHN-84655"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"id": "VAR-201510-0365",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84655"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.679000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58056"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84655"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6694"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6694"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "VULHUB",
"id": "VHN-84655"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"db": "VULHUB",
"id": "VHN-84655"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84655"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"date": "2015-10-14T23:59:16.050000",
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-471"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84655"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005251"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-207"
},
{
"date": "2021-09-08T17:19:31.710000",
"db": "NVD",
"id": "CVE-2015-6694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-207"
}
],
"trust": 0.6
}
}
var-201401-0372
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application or to crash the application. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201401-0372",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.06)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.9)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.06)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.9)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "64803"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0495",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-67988",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0495",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0495",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201401-336",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-67988",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67988"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application or to crash the application. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0495"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "BID",
"id": "64803"
},
{
"db": "VULHUB",
"id": "VHN-67988"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0495",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1029604",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "56303",
"trust": 0.6
},
{
"db": "BID",
"id": "64803",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-67988",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67988"
},
{
"db": "BID",
"id": "64803"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"id": "VAR-201401-0372",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67988"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:48:18.147000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-01",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"
},
{
"title": "APSB14-01",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/acrobat/apsb14-01.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140116.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67988"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1029604"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0495"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140115-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0495"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=12878"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56303"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67988"
},
{
"db": "BID",
"id": "64803"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67988"
},
{
"db": "BID",
"id": "64803"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-67988"
},
{
"date": "2014-01-14T00:00:00",
"db": "BID",
"id": "64803"
},
{
"date": "2014-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"date": "2014-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"date": "2014-01-15T16:13:04.070000",
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67988"
},
{
"date": "2014-01-14T00:00:00",
"db": "BID",
"id": "64803"
},
{
"date": "2014-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001182"
},
{
"date": "2014-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-336"
},
{
"date": "2018-12-13T15:50:35.977000",
"db": "NVD",
"id": "CVE-2014-0495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerabilities in arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001182"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-336"
}
],
"trust": 0.6
}
}
var-201510-0042
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlInappropriate EScript Arbitrary code may be executed by using the execution process. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the the EScript exception handlers. A specially crafted PDF document can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0042",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7617",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7617",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7617",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85578",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7617",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7617",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7617",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-242",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85578",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "VULHUB",
"id": "VHN-85578"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlInappropriate EScript Arbitrary code may be executed by using the execution process. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the the EScript exception handlers. A specially crafted PDF document can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7617"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-85578"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7617",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3068",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85578",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "VULHUB",
"id": "VHN-85578"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"id": "VAR-201510-0042",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85578"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.266000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58091"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85578"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7617"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7617"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "VULHUB",
"id": "VHN-85578"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"db": "VULHUB",
"id": "VHN-85578"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85578"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"date": "2015-10-14T23:59:50.947000",
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-492"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-85578"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005296"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-242"
},
{
"date": "2021-09-08T17:19:32.550000",
"db": "NVD",
"id": "CVE-2015-7617"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005296"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-242"
}
],
"trust": 0.6
}
}
var-201208-0443
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0443",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55016"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55016"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4155",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4155",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57436",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4155",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4155",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-254",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57436",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-4155",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4155"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "BID",
"id": "55016"
},
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4155",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20339",
"trust": 0.6
},
{
"db": "BID",
"id": "55016",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57436",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-4155",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"db": "BID",
"id": "55016"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"id": "VAR-201208-0443",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57436"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:39:26.281000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15590"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4155"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4155"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20339"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"db": "BID",
"id": "55016"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57436"
},
{
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"db": "BID",
"id": "55016"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57436"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55016"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"date": "2012-08-15T10:31:41.507000",
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57436"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4155"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55016"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003643"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-254"
},
{
"date": "2017-09-19T01:35:16.997000",
"db": "NVD",
"id": "CVE-2012-4155"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003643"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-254"
}
],
"trust": 0.6
}
}
var-201208-0728
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in arbitrary code execution or a Denial of Service condition. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0728",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55026"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An anonymous contributor working with Beyond Security\u0027s SecuriTeam Secure Disclosure Program.",
"sources": [
{
"db": "BID",
"id": "55026"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2050",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2050",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-55331",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2050",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2050",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-55331",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile, possibly resulting in arbitrary code execution or a Denial of\nService condition. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2050"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "BID",
"id": "55026"
},
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2050",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20327",
"trust": 0.6
},
{
"db": "BID",
"id": "55026",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55331",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "BID",
"id": "55026"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"id": "VAR-201208-0728",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55331"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:05:53.631000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15469"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2050"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2050"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20327"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "BID",
"id": "55026"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55331"
},
{
"db": "BID",
"id": "55026"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-55331"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55026"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"date": "2012-08-15T10:31:41.007000",
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-55331"
},
{
"date": "2013-08-26T00:17:00",
"db": "BID",
"id": "55026"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003633"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-244"
},
{
"date": "2017-09-19T01:34:56.353000",
"db": "NVD",
"id": "CVE-2012-2050"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003633"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-244"
}
],
"trust": 0.6
}
}
var-201601-0032
Vulnerability from variot
Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. This vulnerability CVE-2016-0934 , CVE-2016-0937 , CVE-2016-0940 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the Doc object. A specially crafted PDF document can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A reuse-after-free vulnerability exists in the implementation of the Doc object in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
}
],
"trust": 1.3
},
"cve": "CVE-2016-0932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88442",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0932",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0932",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0932",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0932",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-201",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88442",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "VULHUB",
"id": "VHN-88442"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. This vulnerability CVE-2016-0934 , CVE-2016-0937 , CVE-2016-0940 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the Doc object. A specially crafted PDF document can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A reuse-after-free vulnerability exists in the implementation of the Doc object in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0932"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "VULHUB",
"id": "VHN-88442"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0932",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-008",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3074",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-011",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-016",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-010",
"trust": 0.3
},
{
"db": "BID",
"id": "80358",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88442",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "VULHUB",
"id": "VHN-88442"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"id": "VAR-201601-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88442"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.293000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-008"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0932"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0932"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-008/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-010/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-011/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-016/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "VULHUB",
"id": "VHN-88442"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"db": "VULHUB",
"id": "VHN-88442"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88442"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"date": "2016-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"date": "2016-01-14T05:59:01.253000",
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-008"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88442"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001034"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-201"
},
{
"date": "2016-12-07T23:42:55.527000",
"db": "NVD",
"id": "CVE-2016-0932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of Doc Vulnerability in arbitrary code execution in object implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001034"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-201"
}
],
"trust": 0.6
}
}
var-201105-0042
Vulnerability from variot
The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. plural Adobe Product CoolType The library could execute arbitrary code or disrupt service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability due to a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader is an excellent PDF document reading software developed by Adobe Corporation of the United States. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201105-0042",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x(10.0.2) for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x(10.0.1) for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x(10.0.2) for macintosh"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "47531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CERT Polska and Paul Baccas of Sophos",
"sources": [
{
"db": "BID",
"id": "47531"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0610",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0610",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48555",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0610",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0610",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201105-009",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48555",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0610",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. plural Adobe Product CoolType The library could execute arbitrary code or disrupt service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability due to a memory-corruption issue. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Adobe Reader is an excellent PDF document reading software developed by Adobe Corporation of the United States. Acrobat is a series of products aimed at enterprises, technicians and creative professionals launched in 1993, making the transmission and collaboration of intelligent documents more flexible, reliable and secure",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0610"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "BID",
"id": "47531"
},
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "VULMON",
"id": "CVE-2011-0610"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0610",
"trust": 2.9
},
{
"db": "BID",
"id": "47531",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48555",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0610",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"db": "BID",
"id": "47531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"id": "VAR-201105-0042",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48555"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:30:29.721000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-08",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-08.html"
},
{
"title": "APSB11-08",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-08.html"
},
{
"title": "cpsid_90054",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/900/cpsid_90054.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-08.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13967"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/47531"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0610"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110010.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0610"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"db": "BID",
"id": "47531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48555"
},
{
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"db": "BID",
"id": "47531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-03T00:00:00",
"db": "VULHUB",
"id": "VHN-48555"
},
{
"date": "2011-05-03T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"date": "2011-04-21T00:00:00",
"db": "BID",
"id": "47531"
},
{
"date": "2011-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"date": "2011-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"date": "2011-05-03T19:55:01.247000",
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-48555"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0610"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "47531"
},
{
"date": "2011-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001593"
},
{
"date": "2011-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-009"
},
{
"date": "2017-09-19T01:32:07.817000",
"db": "NVD",
"id": "CVE-2011-0610"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Adobe Product CoolType Vulnerability to execute arbitrary code in library",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001593"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-009"
}
],
"trust": 0.6
}
}
var-201505-0304
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0304",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3052",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3052",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81013",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3052",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3052",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-165",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81013",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81013"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3052"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81013"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3052",
"trust": 2.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137340",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-81013",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81013"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"id": "VAR-201505-0304",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81013"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.015000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81013"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3052"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3052"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81013"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81013"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81013"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"date": "2015-05-13T10:59:48.527000",
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81013"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002630"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-165"
},
{
"date": "2017-01-03T20:03:25.073000",
"db": "NVD",
"id": "CVE-2015-3052"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002630"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-165"
}
],
"trust": 0.6
}
}
var-201004-0304
Vulnerability from variot
Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh NOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability.
Impact:
Remote Code Execution.
Risk:
High. The vulnerable X3D component is a plugin used to display 3D material, which when present in a PDF document, can lead to exploitation (CVE-2010-0194).
* Memory corruption through heap overflow in "CoolType.dll"
(CVE-2010-1241).
The vulnerabilities are triggered when opening and rendering a PDF document. A remote attacker could craft a malicious document which exploits either one of these vulnerabilities, allowing them to compromise a system.
FortiGuard Labs released the following signatures to protect against these vulnerabilities
* "Adobe.Reader.DeviceRGB.Subtype.Stream.Memory.Corruption", previously
released as "FG-VD-10-003-Adobe" (CVE-2010-0194).
* "Adobe.Reader.Acrobat.Pro.CFF.Encodings.Handling.Heap.Overflow",
previously released as "FG-VD-10-005-Adobe" (CVE-2010-1241).
References:
* Adobe Security Bulletin:
http://www.adobe.com/support/security/bulletins/apsb10-09.html
* CVE ID: CVE-2010-0194
* CVE ID: CVE-2010-1241
Acknowledgment:
* Bing Liu of Fortinet's FortiGuard Labs (CVE-2010-0194)
* Haifei Li of Fortinet's FortiGuard Labs (CVE-2010-1241)
.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0304",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
}
],
"sources": [
{
"db": "BID",
"id": "39470"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Haifei Li of Fortinet\u0027s FortiGuard Labs",
"sources": [
{
"db": "BID",
"id": "39470"
}
],
"trust": 0.3
},
"cve": "CVE-2010-1241",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-1241",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-43846",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1241",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1241",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-079",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43846",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1241",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability. \n\n \n\nImpact:\n\n \n\nRemote Code Execution. \n\n \n\nRisk:\n\n \n\nHigh. The vulnerable X3D component is a\nplugin used to display 3D material, which when present in a PDF document,\ncan lead to exploitation (CVE-2010-0194). \n\n * Memory corruption through heap overflow in \"CoolType.dll\"\n(CVE-2010-1241). \n\n \n\nThe vulnerabilities are triggered when opening and rendering a PDF document. \nA remote attacker could craft a malicious document which exploits either one\nof these vulnerabilities, allowing them to compromise a system. \n\n \n\nFortiGuard Labs released the following signatures to protect against these\nvulnerabilities\n\n \n\n * \"Adobe.Reader.DeviceRGB.Subtype.Stream.Memory.Corruption\", previously\nreleased as \"FG-VD-10-003-Adobe\" (CVE-2010-0194). \n\n * \"Adobe.Reader.Acrobat.Pro.CFF.Encodings.Handling.Heap.Overflow\",\npreviously released as \"FG-VD-10-005-Adobe\" (CVE-2010-1241). \n\n \n\nReferences:\n\n \n\n * Adobe Security Bulletin:\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\n\n * CVE ID: CVE-2010-0194\n\n * CVE ID: CVE-2010-1241\n\n \n\n \n\nAcknowledgment:\n\n \n\n * Bing Liu of Fortinet\u0027s FortiGuard Labs (CVE-2010-0194)\n\n * Haifei Li of Fortinet\u0027s FortiGuard Labs (CVE-2010-1241)\n\n \n\n \n\n. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "BID",
"id": "39470"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1241",
"trust": 3.1
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.0
},
{
"db": "BID",
"id": "39329",
"trust": 1.5
},
{
"db": "BID",
"id": "39470",
"trust": 1.3
},
{
"db": "BID",
"id": "39227",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079",
"trust": 0.7
},
{
"db": "MLIST",
"id": "[DAILYDAVE] 20100401 0DAY, IT MAY NOT BE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-43846",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-1241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88347",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "BID",
"id": "39470"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"id": "VAR-201004-0304",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43846"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:50:52.489000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Adobe Reader 9.3.2 update (Intel) - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4092"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4096"
},
{
"title": "Adobe Acrobat 9.3.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4100"
},
{
"title": "Adobe Reader 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4091"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4095"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100349 - Security Advisory"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2010/05/06/fake-adobe-updates/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 1.8,
"url": "http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation/"
},
{
"trust": 1.8,
"url": "http://www.blackhat.com/html/bh-eu-10/bh-eu-10-briefings.html#li"
},
{
"trust": 1.8,
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-april/006077.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/39227"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.2,
"url": "http://www.youtube.com/watch?v=9evhty1-0q8"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6940"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57589"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/39470"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1241"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fga-2010-18.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0349"
},
{
"trust": 0.1,
"url": "https://www.welivesecurity.com/2010/05/06/fake-adobe-updates/"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/39470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "BID",
"id": "39470"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-43846"
},
{
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"db": "BID",
"id": "39470"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-43846"
},
{
"date": "2010-04-05T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39470"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"date": "2010-04-14T07:07:17",
"db": "PACKETSTORM",
"id": "88347"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"date": "2010-04-05T15:30:01.343000",
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-43846"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1241"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39470"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001360"
},
{
"date": "2011-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-079"
},
{
"date": "2017-09-19T01:30:38.267000",
"db": "NVD",
"id": "CVE-2010-1241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of custom heap management system Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001360"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-079"
}
],
"trust": 0.6
}
}
var-201412-0504
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159. This vulnerability CVE-2014-8460 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0504",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71566"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team.",
"sources": [
{
"db": "BID",
"id": "71566"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8457",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76402",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8457",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8457",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-232",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76402",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76402"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159. This vulnerability CVE-2014-8460 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8457"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "BID",
"id": "71566"
},
{
"db": "VULHUB",
"id": "VHN-76402"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8457",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232",
"trust": 0.7
},
{
"db": "BID",
"id": "71566",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76402",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76402"
},
{
"db": "BID",
"id": "71566"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"id": "VAR-201412-0504",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76402"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:34:59.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76402"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8457"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8457"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76402"
},
{
"db": "BID",
"id": "71566"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76402"
},
{
"db": "BID",
"id": "71566"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76402"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71566"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"date": "2014-12-10T21:59:28.257000",
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76402"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71566"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005932"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-232"
},
{
"date": "2014-12-12T01:34:39.663000",
"db": "NVD",
"id": "CVE-2014-8457"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005932"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-232"
}
],
"trust": 0.6
}
}
var-201102-0063
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0592 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-09-29 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "BID",
"id": "46209"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46209"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0591",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0591",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48536",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0591",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0591",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0591",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-144",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48536",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerability than CVE-2011-0590, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0592 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-09-29 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0591"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "BID",
"id": "46209"
},
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98275"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48536",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48536"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0591",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 2.3
},
{
"db": "BID",
"id": "46209",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-924",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98275",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48536",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "BID",
"id": "46209"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98275"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"id": "VAR-201102-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48536"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:08:05.254000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46209"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12558"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0591"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0591"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "BID",
"id": "46209"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98275"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"db": "VULHUB",
"id": "VHN-48536"
},
{
"db": "BID",
"id": "46209"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98275"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48536"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46209"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:28:10",
"db": "PACKETSTORM",
"id": "98275"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"date": "2011-02-10T18:00:58.457000",
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-067"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48536"
},
{
"date": "2015-03-19T09:24:00",
"db": "BID",
"id": "46209"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001203"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-144"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0591"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98275"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001203"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-144"
}
],
"trust": 0.6
}
}
var-201006-1181
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit are available through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/english/services/ba-index.php
V.
VI. CREDIT
This vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
-
VUPEN Vulnerability Notification Service (VNS) : http://www.vupen.com/english/services/vns-index.php
-
VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php
-
VUPEN Threat Protection Program for Govs (TPP) : http://www.vupen.com/english/services/tpp-index.php
-
VUPEN Web Application Security Scanner (WASS) : http://www.vupen.com/english/services/wass-index.php
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/1636 http://www.adobe.com/support/security/bulletins/apsb10-15.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201
IX. DISCLOSURE TIMELINE
2010-03-10 - Vendor notified 2010-03-10 - Vendor response 2010-06-20 - Status update received 2010-06-29 - Coordinated public Disclosure . ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1181",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41237"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Joly of VUPEN Vulnerability Research Team",
"sources": [
{
"db": "BID",
"id": "41237"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2201",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44806",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2201",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2201",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-479",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44806",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2201",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an \"invalid pointer vulnerability\" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution exploit\nare available through the VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/english/services/ba-index.php\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThis vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service (VNS) :\nhttp://www.vupen.com/english/services/vns-index.php\n\n* VUPEN Binary Analysis \u0026 Exploits Service (BAE) :\nhttp://www.vupen.com/english/services/ba-index.php\n\n* VUPEN Threat Protection Program for Govs (TPP) :\nhttp://www.vupen.com/english/services/tpp-index.php\n\n* VUPEN Web Application Security Scanner (WASS) :\nhttp://www.vupen.com/english/services/wass-index.php\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/1636\nhttp://www.adobe.com/support/security/bulletins/apsb10-15.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n\n\nIX. DISCLOSURE TIMELINE\n-----------------------------\n\n2010-03-10 - Vendor notified\n2010-03-10 - Vendor response\n2010-06-20 - Status update received\n2010-06-29 - Coordinated public Disclosure\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2201"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "BID",
"id": "41237"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "91356"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44806",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=14982",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2201",
"trust": 3.2
},
{
"db": "BID",
"id": "41237",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "93759",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "91356",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "93748",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "14982",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-69826",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-44806",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2201",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"db": "BID",
"id": "41237"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "PACKETSTORM",
"id": "93759"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "91356"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"id": "VAR-201006-1181",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44806"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T19:48:53.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41237"
},
{
"trust": 2.1,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/512098"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6854"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2201"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/512098"
},
{
"trust": 0.3,
"url": "http://www.exploit-db.com/moaub12-adobe-acrobat-and-reader-pushstring-memory-corruption/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2201"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/93748/month-of-abysssec-undisclosed-bugs-adobe-acrobat-reader.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/14982/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/wass-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/ba-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/tpp-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/vns-index.php"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"db": "BID",
"id": "41237"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "PACKETSTORM",
"id": "93759"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "91356"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44806"
},
{
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"db": "BID",
"id": "41237"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"db": "PACKETSTORM",
"id": "93759"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "91356"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44806"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41237"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"date": "2010-09-13T01:11:52",
"db": "PACKETSTORM",
"id": "93759"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-07-01T05:48:14",
"db": "PACKETSTORM",
"id": "91356"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"date": "2010-06-30T18:30:01.520000",
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44806"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2201"
},
{
"date": "2010-09-13T07:22:00",
"db": "BID",
"id": "41237"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001707"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-479"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-479"
}
],
"trust": 0.6
}
}
var-201505-0308
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Line Annotations. A specially crafted Line Annotation can force Adobe Acrobat Reader to read memory past the end of an allocated object. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3056",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3056",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3056",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81017",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3056",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3056",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3056",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-169",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81017",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "VULHUB",
"id": "VHN-81017"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Line Annotations. A specially crafted Line Annotation can force Adobe Acrobat Reader to read memory past the end of an allocated object. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3056"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81017"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3056",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-209",
"trust": 1.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2714",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81017",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "VULHUB",
"id": "VHN-81017"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"id": "VAR-201505-0308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81017"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81017"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-209"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3056"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3056"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "VULHUB",
"id": "VHN-81017"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"db": "VULHUB",
"id": "VHN-81017"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81017"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"date": "2015-05-13T10:59:52.027000",
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-209"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81017"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002634"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-169"
},
{
"date": "2017-01-03T19:39:04.780000",
"db": "NVD",
"id": "CVE-2015-3056"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002634"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-169"
}
],
"trust": 0.6
}
}
var-200912-0790
Vulnerability from variot
The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker can exploit this issue to obtain the contents of sensitive PDF files or to perform cross-site scripting attacks against domains hosting PDF files. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code.
The vulnerability is reported in versions 9.2 and prior.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
For more information: SA37690
SOLUTION: Adobe Reader 7.x and Acrobat 7.x: Upgrade to version 8.2 or 9.3. Please see the vendor's advisory for more information.
NOTE: Support has ended for Adobe Reader 7.x and Acrobat 7.x on Windows, Macintosh, and UNIX.
CHANGELOG: 2010-01-13: Updated CVE references. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-013A
Adobe Reader and Acrobat Vulnerabilities
Original release date: Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader and Acrobat 9.2 and earlier 9.x versions
* Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions
Overview
Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
I. These vulnerabilities affect Reader 9.2 and earlier 9.x versions and 8.1.7 and earlier 8.x versions. Further details are available in the US-CERT Vulnerability Notes Database.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
Some of these vulnerabilities are being actively exploited.
II.
III. Solution
Update
Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; un-check Enable Acrobat JavaScript).
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the preferences option.
- Choose the Internet section.
- Un-check the "Display PDF in browser" check box.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Adobe Security Bulletin APSB10-02 - http://www.adobe.com/support/security/bulletins/apsb10-02.html
-
Vulnerability Note VU#508357 - https://www.kb.cert.org/vuls/id/508357
-
Vulnerability Note VU#773545 - https://www.kb.cert.org/vuls/id/773545
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-013A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-013A Feedback VU#508357" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
January 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n +8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl UvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn so9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP bxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4 /la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ== =KC5F -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: Red Hat update for acroread
SECUNIA ADVISORY ID: SA38215
VERIFY ADVISORY: http://secunia.com/advisories/38215/
DESCRIPTION: Red Hat has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
For more information: SA37690
SOLUTION: Updated packages are available via Red Hat Network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0790",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37763"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "stratsec",
"sources": [
{
"db": "BID",
"id": "37763"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3956",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3956",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41402",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3956",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773545",
"trust": 0.8,
"value": "3.65"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3956",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-090",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41402",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a \"script injection vulnerability,\" as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. \nAn attacker can exploit this issue to obtain the contents of sensitive PDF files or to perform cross-site scripting attacks against domains hosting PDF files. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to execute arbitrary code. \n\nThe vulnerability is reported in versions 9.2 and prior. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor more information:\nSA37690\n\nSOLUTION:\nAdobe Reader 7.x and Acrobat 7.x:\nUpgrade to version 8.2 or 9.3. Please see the vendor\u0027s advisory for\nmore information. \n\nNOTE: Support has ended for Adobe Reader 7.x and Acrobat 7.x on\nWindows, Macintosh, and UNIX. \n\nCHANGELOG:\n2010-01-13: Updated CVE references. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-013A\n\n\nAdobe Reader and Acrobat Vulnerabilities\n\n Original release date: \n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader and Acrobat 9.2 and earlier 9.x versions\n * Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions\n\n\nOverview\n\n Adobe has released Security bulletin APSB10-02, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. \n\n\nI. These\n vulnerabilities affect Reader 9.2 and earlier 9.x versions and\n 8.1.7 and earlier 8.x versions. Further details are available in\n the US-CERT Vulnerability Notes Database. \n \n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n \n Some of these vulnerabilities are being actively exploited. \n\n\nII. \n\n\nIII. Solution\n\n Update\n \n Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; un-check\n Enable Acrobat JavaScript). \n \n Prevent Internet Explorer from automatically opening PDF documents\n \n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n \n Windows Registry Editor Version 5.00\n \n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n \n Disable the display of PDF documents in the web browser\n \n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied it may also mitigate future vulnerabilities. \n \n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n \n 1. \n 2. Open the Edit menu. \n 3. Choose the preferences option. \n 4. Choose the Internet section. \n 5. Un-check the \"Display PDF in browser\" check box. \n \n Do not access PDF documents from untrusted sources\n \n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Adobe Security Bulletin APSB10-02 -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e\n\n * Vulnerability Note VU#508357 -\n \u003chttps://www.kb.cert.org/vuls/id/508357\u003e\n\n * Vulnerability Note VU#773545 -\n \u003chttps://www.kb.cert.org/vuls/id/773545\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-013A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-013A Feedback VU#508357\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n \n January 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n\n+8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl\nUvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn\nso9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP\nbxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4\n/la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ==\n=KC5F\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for acroread\n\nSECUNIA ADVISORY ID:\nSA38215\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38215/\n\nDESCRIPTION:\nRed Hat has issued an update for acroread. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\nconduct cross-site scripting attacks or compromise a user\u0027s system. \n\nFor more information:\nSA37690\n\nSOLUTION:\nUpdated packages are available via Red Hat Network",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3956"
},
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "BID",
"id": "37763"
},
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
}
],
"trust": 3.87
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41402",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41402"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3956",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.5
},
{
"db": "BID",
"id": "37763",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "38215",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "38138",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#773545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14344",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "38131",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "85119",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41402",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85488",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "BID",
"id": "37763"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"id": "VAR-200912-0790",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41402"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:12:57.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "RHSA-2010:0037",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
},
{
"title": "RHSA-2010:0038",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
},
{
"title": "RHSA-2010:0060",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37763"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.4,
"url": "http://www.stratsec.net/files/ss-2010-001_stratsec_acrobat_script_injection_security_advisory_v1.0.pdf"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=554296"
},
{
"trust": 1.1,
"url": "http://www.packetstormsecurity.org/1001-exploits/ss-2010-001.txt"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8327"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38138"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38215"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55554"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3956"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3956"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14344"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38138/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773545"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38131/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/773545\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/508357\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html\u003e"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0060.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38215/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "BID",
"id": "37763"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41402"
},
{
"db": "BID",
"id": "37763"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41402"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37763"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T17:35:22",
"db": "PACKETSTORM",
"id": "85063"
},
{
"date": "2010-01-13T17:35:06",
"db": "PACKETSTORM",
"id": "85057"
},
{
"date": "2010-01-14T02:46:00",
"db": "PACKETSTORM",
"id": "85087"
},
{
"date": "2010-01-21T10:22:42",
"db": "PACKETSTORM",
"id": "85488"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"date": "2010-01-13T19:30:00.513000",
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41402"
},
{
"date": "2010-02-01T21:21:00",
"db": "BID",
"id": "37763"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001017"
},
{
"date": "2011-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-090"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3956"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NOS Microsystems Adobe getPlus Helper ActiveX control stack buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "configuration error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-090"
}
],
"trust": 0.6
}
}
var-201208-0436
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0436",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
}
],
"sources": [
{
"db": "BID",
"id": "55022"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk of Los Alamos, New Mexico",
"sources": [
{
"db": "BID",
"id": "55022"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4161",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-57442",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4161",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-260",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-57442",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4161"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "BID",
"id": "55022"
},
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4161",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20333",
"trust": 0.6
},
{
"db": "BID",
"id": "55022",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57442",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "BID",
"id": "55022"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"id": "VAR-201208-0436",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57442"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:14:28.539000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4161"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4161"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20333"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "BID",
"id": "55022"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57442"
},
{
"db": "BID",
"id": "55022"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57442"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55022"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"date": "2012-08-15T10:31:41.740000",
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57442"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55022"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003649"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-260"
},
{
"date": "2012-08-15T10:31:41.740000",
"db": "NVD",
"id": "CVE-2012-4161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003649"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-260"
}
],
"trust": 0.6
}
}
var-201505-0298
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore compete method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3064",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3064",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3064",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81025",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3064",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3064",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3064",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-177",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81025",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "VULHUB",
"id": "VHN-81025"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore compete method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81025"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3064",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-204",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2698",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81025",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "VULHUB",
"id": "VHN-81025"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"id": "VAR-201505-0298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81025"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.431000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81025"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-204"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3064"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3064"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "VULHUB",
"id": "VHN-81025"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"db": "VULHUB",
"id": "VHN-81025"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81025"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"date": "2015-05-13T10:59:59.233000",
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-204"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81025"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002642"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-177"
},
{
"date": "2017-01-05T19:53:55.273000",
"db": "NVD",
"id": "CVE-2015-3064"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-177"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002642"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201510-0339
Vulnerability from variot
The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewStatusDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewStatusDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0339",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6722",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6722",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6722",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84683",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6722",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6722",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6722",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-235",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84683",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "VULHUB",
"id": "VHN-84683"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewStatusDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewStatusDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6722"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84683"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6722",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-501",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3085",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84683",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "VULHUB",
"id": "VHN-84683"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"id": "VAR-201510-0339",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84683"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.341000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58084"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84683"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-501"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6722"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6722"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "VULHUB",
"id": "VHN-84683"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"db": "VULHUB",
"id": "VHN-84683"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84683"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"date": "2015-10-14T23:59:43.697000",
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-501"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84683"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005279"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-235"
},
{
"date": "2021-09-08T17:19:32.383000",
"db": "NVD",
"id": "CVE-2015-6722"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBSharedReviewStatusDialog In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005279"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-235"
}
],
"trust": 0.6
}
}
var-201510-0375
Vulnerability from variot
The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the apply method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the Function application implementation of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0375",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WanderingGlitch of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6715",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6715",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6715",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6715",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84676",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6715",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6715",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6715",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-228",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84676",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "VULHUB",
"id": "VHN-84676"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the apply method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the Function application implementation of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6715"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84676"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6715",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-491",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3067",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84676",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "VULHUB",
"id": "VHN-84676"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"id": "VAR-201510-0375",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84676"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58077"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84676"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-491"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6715"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6715"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "VULHUB",
"id": "VHN-84676"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"db": "VULHUB",
"id": "VHN-84676"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84676"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"date": "2015-10-14T23:59:36.993000",
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-491"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84676"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005272"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-228"
},
{
"date": "2021-09-08T17:19:32.217000",
"db": "NVD",
"id": "CVE-2015-6715"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of Function apply In the implementation of JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005272"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-228"
}
],
"trust": 0.6
}
}
var-201102-0059
Vulnerability from variot
The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0596 , CVE-2011-0598 and CVE-2011-0602 Is a different vulnerability.A third party may execute arbitrary code through the image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the Bitmap parsing component of rt3d.dll. When allocating a destination buffer for handling 4/8-bit RLE compressed bitmaps, the process uses the bitmap bits per pixel and number of colors values directly. A pointer is created based on the specified color depth, which can then be used to copy user supplied data into the fixed-length color data buffer on the heap.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-11-15 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0059",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "BID",
"id": "46220"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46220"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0599",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0599",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0599",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48544",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0599",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0599",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0599",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-137",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48544",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0599",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0602. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0596 , CVE-2011-0598 and CVE-2011-0602 Is a different vulnerability.A third party may execute arbitrary code through the image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the Bitmap parsing component of rt3d.dll. When allocating a destination buffer for handling 4/8-bit RLE compressed bitmaps, the process uses the bitmap bits per pixel and number of colors values directly. A pointer is created based on the specified color depth, which can then be used to copy user supplied data into the fixed-length color data buffer on the heap. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-11-15 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "BID",
"id": "46220"
},
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98283"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48544",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48544"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0599",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 2.4
},
{
"db": "BID",
"id": "46220",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-947",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98283",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48544",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0599",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "BID",
"id": "46220"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98283"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"id": "VAR-201102-0059",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48544"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:37:51.821000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/46220"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/516314"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12424"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0599"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0599"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/516314"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "BID",
"id": "46220"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98283"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"db": "VULHUB",
"id": "VHN-48544"
},
{
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"db": "BID",
"id": "46220"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98283"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48544"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46220"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:35:11",
"db": "PACKETSTORM",
"id": "98283"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"date": "2011-02-10T18:00:58.753000",
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-072"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48544"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0599"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "46220"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001210"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-137"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0599"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98283"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001210"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-137"
}
],
"trust": 0.6
}
}
var-201412-0496
Vulnerability from variot
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader and Acrobat are prone to an unspecified remote integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0496",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "71568"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Ribeiro of Agile Information Security.",
"sources": [
{
"db": "BID",
"id": "71568"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8449",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8449",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76394",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8449",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8449",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-225",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76394",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-8449",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader and Acrobat are prone to an unspecified remote integer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8449"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "BID",
"id": "71568"
},
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "VULMON",
"id": "CVE-2014-8449"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8449",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225",
"trust": 0.7
},
{
"db": "BID",
"id": "71568",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76394",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-8449",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"db": "BID",
"id": "71568"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"id": "VAR-201412-0496",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76394"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:19:06.375000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8449"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8449"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37124"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"db": "BID",
"id": "71568"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76394"
},
{
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"db": "BID",
"id": "71568"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76394"
},
{
"date": "2014-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71568"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"date": "2014-12-10T21:59:21.710000",
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76394"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8449"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71568"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005925"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-225"
},
{
"date": "2014-12-12T04:04:55.020000",
"db": "NVD",
"id": "CVE-2014-8449"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005925"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-225"
}
],
"trust": 0.6
}
}
var-201208-0440
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0440",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55019"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55019"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4158",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4158",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57439",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4158",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4158",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-257",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57439",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4158"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "BID",
"id": "55019"
},
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4158",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20336",
"trust": 0.6
},
{
"db": "BID",
"id": "55019",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57439",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "BID",
"id": "55019"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"id": "VAR-201208-0440",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57439"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:57:08.251000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44040"
},
{
"title": "AdbeRdrUpd952_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44044"
},
{
"title": "AcroProUpd952_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44039"
},
{
"title": "AdbeRdrUpd952_all_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44043"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44038"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44042"
},
{
"title": "AcrobatUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44037"
},
{
"title": "AdbeRdrUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44041"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44045"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16236"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4158"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4158"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20336"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "BID",
"id": "55019"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57439"
},
{
"db": "BID",
"id": "55019"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57439"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55019"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"date": "2012-08-15T10:31:41.630000",
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57439"
},
{
"date": "2013-08-26T06:14:00",
"db": "BID",
"id": "55019"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003646"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-257"
},
{
"date": "2017-09-19T01:35:17.217000",
"db": "NVD",
"id": "CVE-2012-4158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003646"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-257"
}
],
"trust": 0.6
}
}
var-201603-0202
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009. This vulnerability CVE-2016-1009 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of annotation gestures. The issue lies in the failure to properly initialize the gestures property prior to using it, leading to memory corruption. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0202",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
}
],
"trust": 1.3
},
"cve": "CVE-2016-1007",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1007",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1007",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88809",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1007",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1007",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1007",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-1007",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-077",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88809",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1007",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009. This vulnerability CVE-2016-1009 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of annotation gestures. The issue lies in the failure to properly initialize the gestures property prior to using it, leading to memory corruption. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1007"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "VULMON",
"id": "CVE-2016-1007"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1007",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-16-189",
"trust": 1.8
},
{
"db": "BID",
"id": "84215",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035199",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3022",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88809",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1007",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"id": "VAR-201603-0202",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88809"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:08.190000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-09",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"title": "APSB16-09",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-09.html"
},
{
"title": "Multiple Adobe Fixes for product arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60437"
},
{
"title": null,
"trust": 0.1,
"url": "https://threatpost.com/adobe-patches-reader-and-acrobat-teases-upcoming-flash-update/116662/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/84215"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-189"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035199"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1007"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1007"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"db": "VULHUB",
"id": "VHN-88809"
},
{
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-88809"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"date": "2016-03-09T11:59:37.500000",
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-189"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88809"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1007"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001698"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-077"
},
{
"date": "2016-12-03T03:19:30.003000",
"db": "NVD",
"id": "CVE-2016-1007"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001698"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-077"
}
],
"trust": 0.6
}
}
var-201102-0069
Vulnerability from variot
Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602. Adobe Reader and Acrobat of ACE.dll Contains an integer overflow vulnerability. This vulnerability CVE-2011-0596 , CVE-2011-0599 and CVE-2011-0602 Is a different vulnerability.Skillfully crafted by a third party ICC An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the ICC parsing component of ACE.dll. It is possible to cause an integer overflow due to several multiplications of controlled byte values. This leads to the allocation of a small buffer which can subsequently be overflowed. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running Reader.
The flaw exists within the ICC parsing component of ACE.dll.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-11-15 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Sebastian Apelt (www.siberas.de)
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0069",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "BID",
"id": "46219"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastian Apelt through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46219"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0598",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0598",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0598",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48543",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0598",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0598",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0598",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-138",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48543",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0598",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602. Adobe Reader and Acrobat of ACE.dll Contains an integer overflow vulnerability. This vulnerability CVE-2011-0596 , CVE-2011-0599 and CVE-2011-0602 Is a different vulnerability.Skillfully crafted by a third party ICC An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the ICC parsing component of ACE.dll. It is possible to cause an integer overflow due to several multiplications of controlled byte values. This leads to the allocation of a small buffer which can subsequently be overflowed. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running Reader. \n\nThe flaw exists within the ICC parsing component of ACE.dll. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-11-15 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Sebastian Apelt (www.siberas.de)\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0598"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "BID",
"id": "46219"
},
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "PACKETSTORM",
"id": "98284"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48543",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48543"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0598",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 2.4
},
{
"db": "BID",
"id": "46219",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65302",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-973",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98284",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48543",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0598",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "BID",
"id": "46219"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "PACKETSTORM",
"id": "98284"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"id": "VAR-201102-0069",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48543"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:56:30.783000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/46219"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/516315/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12081"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65302"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0598"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65302"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0598"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073"
},
{
"trust": 0.1,
"url": "https://www.siberas.de)"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "BID",
"id": "46219"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "PACKETSTORM",
"id": "98284"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"db": "VULHUB",
"id": "VHN-48543"
},
{
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"db": "BID",
"id": "46219"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"db": "PACKETSTORM",
"id": "98284"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48543"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46219"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"date": "2011-02-08T22:36:05",
"db": "PACKETSTORM",
"id": "98284"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"date": "2011-02-10T18:00:58.723000",
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-073"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48543"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0598"
},
{
"date": "2015-03-19T09:46:00",
"db": "BID",
"id": "46219"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001209"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-138"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0598"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98284"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of ACE.dll Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001209"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-138"
}
],
"trust": 0.6
}
}
var-201412-0498
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Adobe Reader and Acrobat are prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may lead to further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0498",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71567"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Inf\u00fchr of Cure53.de",
"sources": [
{
"db": "BID",
"id": "71567"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8452",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8452",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-76397",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8452",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8452",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-227",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76397",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76397"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Adobe Reader and Acrobat are prone to an unspecified information-disclosure vulnerability. \nAttackers can exploit this issue to gain access to sensitive information that may lead to further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8452"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "BID",
"id": "71567"
},
{
"db": "VULHUB",
"id": "VHN-76397"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8452",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227",
"trust": 0.7
},
{
"db": "BID",
"id": "71567",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76397",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76397"
},
{
"db": "BID",
"id": "71567"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"id": "VAR-201412-0498",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76397"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:58:03.812000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76397"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8452"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8452"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76397"
},
{
"db": "BID",
"id": "71567"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76397"
},
{
"db": "BID",
"id": "71567"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76397"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71567"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"date": "2014-12-10T21:59:23.493000",
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76397"
},
{
"date": "2015-05-15T00:08:00",
"db": "BID",
"id": "71567"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005927"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-227"
},
{
"date": "2014-12-12T01:30:39.283000",
"db": "NVD",
"id": "CVE-2014-8452"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to reading arbitrary files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005927"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-227"
}
],
"trust": 0.6
}
}
var-201505-0210
Vulnerability from variot
Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors. Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.11 Adobe Reader 10.x versions prior to 10.1.14 Adobe Acrobat 11.x versions prior to 11.0.11 Adobe Acrobat 10.x versions prior to 10.1.14. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "74599"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team.",
"sources": [
{
"db": "BID",
"id": "74599"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9160",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-77105",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9160",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-113",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-77105",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-9160",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors. \nAttackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.11\nAdobe Reader 10.x versions prior to 10.1.14\nAdobe Acrobat 11.x versions prior to 11.0.11\nAdobe Acrobat 10.x versions prior to 10.1.14. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9160"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "BID",
"id": "74599"
},
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "VULMON",
"id": "CVE-2014-9160"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9160",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113",
"trust": 0.7
},
{
"db": "BID",
"id": "74599",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "133603",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-77105",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-9160",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"db": "BID",
"id": "74599"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"id": "VAR-201505-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77105"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.978000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9160"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9160"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb15-10-cve-2014-9160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"db": "BID",
"id": "74599"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77105"
},
{
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"db": "BID",
"id": "74599"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-77105"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74599"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"date": "2015-05-13T10:59:00.097000",
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-77105"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9160"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74599"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002623"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-113"
},
{
"date": "2017-01-03T02:59:22.783000",
"db": "NVD",
"id": "CVE-2014-9160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002623"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-113"
}
],
"trust": 0.6
}
}
var-201510-0355
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0355",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Bill Finlayson of Vectra Networks, bilou working with VeriSign iDefense Labs, James Loureiro of MWR Labs, kdot working with HP\u0027s\u0027s Zero Day Initiative, Wei Lei and Wu Hongjun of Nanyang Technological University w",
"sources": [
{
"db": "BID",
"id": "77064"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6684",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-84645",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6684",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6684",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-197",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84645",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84645"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84645"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6684",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84645",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84645"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"id": "VAR-201510-0355",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84645"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.717000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58046"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84645"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "https://www.verisign.com/en_us/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1205"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6684"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6684"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84645"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84645"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84645"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"date": "2015-10-14T23:59:05.327000",
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84645"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005241"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-197"
},
{
"date": "2021-09-08T17:19:31.460000",
"db": "NVD",
"id": "CVE-2015-6684"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005241"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-197"
}
],
"trust": 0.6
}
}
var-201102-0064
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-09-29 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "BID",
"id": "46210"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46210"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0592",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0592",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0592",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48537",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0592",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0592",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0592",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-143",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48537",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to \"Texture bmp,\" a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will one size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-09-29 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0592"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "BID",
"id": "46210"
},
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98276"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48537",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48537"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0592",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 2.3
},
{
"db": "BID",
"id": "46210",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-923",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98276",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48537",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "BID",
"id": "46210"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98276"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"id": "VAR-201102-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48537"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:09:25.475000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46210"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11819"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0592"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0592"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "BID",
"id": "46210"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98276"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"db": "VULHUB",
"id": "VHN-48537"
},
{
"db": "BID",
"id": "46210"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98276"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48537"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46210"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-08T22:28:21",
"db": "PACKETSTORM",
"id": "98276"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"date": "2011-02-10T18:00:58.503000",
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-068"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48537"
},
{
"date": "2015-03-19T09:11:00",
"db": "BID",
"id": "46210"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001204"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-143"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0592"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "98276"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001204"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-143"
}
],
"trust": 0.6
}
}
var-201102-0065
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use a supplied size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-09-29 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0065",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "BID",
"id": "46211"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46211"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0593",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0593",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0593",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48538",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0593",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0593",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0593",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-142",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48538",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0590 , CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When decoding the image data provided by the file, the application will use a supplied size for allocating space for the destination buffer and then trust the data when decompressing into that buffer. Due to the decompression being unbounded by the actual buffer size, a buffer overflow can be triggered leading to code execution under the context of the application. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-09-29 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0593"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "BID",
"id": "46211"
},
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "PACKETSTORM",
"id": "98277"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48538",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48538"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0593",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 2.3
},
{
"db": "BID",
"id": "46211",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-948",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98277",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48538",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "BID",
"id": "46211"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "PACKETSTORM",
"id": "98277"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"id": "VAR-201102-0065",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48538"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:15:39.795000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46211"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12258"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0593"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0593"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "BID",
"id": "46211"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "PACKETSTORM",
"id": "98277"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"db": "VULHUB",
"id": "VHN-48538"
},
{
"db": "BID",
"id": "46211"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"db": "PACKETSTORM",
"id": "98277"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48538"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46211"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"date": "2011-02-08T22:28:31",
"db": "PACKETSTORM",
"id": "98277"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"date": "2011-02-10T18:00:58.537000",
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-069"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48538"
},
{
"date": "2015-03-19T08:22:00",
"db": "BID",
"id": "46211"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001205"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-142"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0593"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98277"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001205"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-142"
}
],
"trust": 0.6
}
}
var-201601-0602
Vulnerability from variot
Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0937 ,and CVE-2016-0940 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Search object. By calling the query method while Adobe Acrobat Reader DC is saving a global variable, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the Search object implementation of several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0602",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0941",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0941",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88451",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0941",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0941",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0941",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0941",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-241",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88451",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "VULHUB",
"id": "VHN-88451"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0937 ,and CVE-2016-0940 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Search object. By calling the query method while Adobe Acrobat Reader DC is saving a global variable, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the Search object implementation of several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0941"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "VULHUB",
"id": "VHN-88451"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0941",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-010",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3336",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-011",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-008",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-016",
"trust": 0.3
},
{
"db": "BID",
"id": "80358",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88451",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "VULHUB",
"id": "VHN-88451"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"id": "VAR-201601-0602",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88451"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.822000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59588"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-010"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0941"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0941"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-008/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-010/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-011/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-016/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "VULHUB",
"id": "VHN-88451"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"db": "VULHUB",
"id": "VHN-88451"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88451"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"date": "2016-01-14T05:59:10.157000",
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-010"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88451"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001043"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-241"
},
{
"date": "2016-12-07T23:43:21.453000",
"db": "NVD",
"id": "CVE-2016-0941"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of Search Vulnerability in arbitrary code execution in object implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001043"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-241"
}
],
"trust": 0.6
}
}
var-201001-0021
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a denial-of-service vulnerability. Successfully exploiting this issue may allow attackers to crash the affected applications, denying service to legitimate users. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code.
The vulnerability is reported in versions 9.2 and prior.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-013A
Adobe Reader and Acrobat Vulnerabilities
Original release date: Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader and Acrobat 9.2 and earlier 9.x versions
* Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions
Overview
Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
I. These vulnerabilities affect Reader 9.2 and earlier 9.x versions and 8.1.7 and earlier 8.x versions. Further details are available in the US-CERT Vulnerability Notes Database.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
Some of these vulnerabilities are being actively exploited.
II.
III. Solution
Update
Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; un-check Enable Acrobat JavaScript).
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the preferences option.
- Choose the Internet section.
- Un-check the "Display PDF in browser" check box.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Adobe Security Bulletin APSB10-02 - http://www.adobe.com/support/security/bulletins/apsb10-02.html
-
Vulnerability Note VU#508357 - https://www.kb.cert.org/vuls/id/508357
-
Vulnerability Note VU#773545 - https://www.kb.cert.org/vuls/id/773545
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-013A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-013A Feedback VU#508357" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
January 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n +8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl UvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn so9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP bxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4 /la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ== =KC5F -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0021",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37760"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Didier Stevens",
"sources": [
{
"db": "BID",
"id": "37760"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3957",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3957",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-41403",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3957",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773545",
"trust": 0.8,
"value": "3.65"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3957",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-091",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-41403",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41403"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a denial-of-service vulnerability. \nSuccessfully exploiting this issue may allow attackers to crash the affected applications, denying service to legitimate users. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to execute arbitrary code. \n\nThe vulnerability is reported in versions 9.2 and prior. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-013A\n\n\nAdobe Reader and Acrobat Vulnerabilities\n\n Original release date: \n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader and Acrobat 9.2 and earlier 9.x versions\n * Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions\n\n\nOverview\n\n Adobe has released Security bulletin APSB10-02, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. \n\n\nI. These\n vulnerabilities affect Reader 9.2 and earlier 9.x versions and\n 8.1.7 and earlier 8.x versions. Further details are available in\n the US-CERT Vulnerability Notes Database. \n \n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n \n Some of these vulnerabilities are being actively exploited. \n\n\nII. \n\n\nIII. Solution\n\n Update\n \n Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; un-check\n Enable Acrobat JavaScript). \n \n Prevent Internet Explorer from automatically opening PDF documents\n \n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n \n Windows Registry Editor Version 5.00\n \n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n \n Disable the display of PDF documents in the web browser\n \n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied it may also mitigate future vulnerabilities. \n \n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n \n 1. \n 2. Open the Edit menu. \n 3. Choose the preferences option. \n 4. Choose the Internet section. \n 5. Un-check the \"Display PDF in browser\" check box. \n \n Do not access PDF documents from untrusted sources\n \n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Adobe Security Bulletin APSB10-02 -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e\n\n * Vulnerability Note VU#508357 -\n \u003chttps://www.kb.cert.org/vuls/id/508357\u003e\n\n * Vulnerability Note VU#773545 -\n \u003chttps://www.kb.cert.org/vuls/id/773545\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-013A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-013A Feedback VU#508357\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n \n January 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n\n+8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl\nUvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn\nso9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP\nbxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4\n/la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ==\n=KC5F\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3957"
},
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "BID",
"id": "37760"
},
{
"db": "VULHUB",
"id": "VHN-41403"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3957",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.5
},
{
"db": "BID",
"id": "37760",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#773545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "14336",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "38131",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41403",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85087",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41403"
},
{
"db": "BID",
"id": "37760"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"id": "VAR-201001-0021",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41403"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:02:05.312000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37760"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7975"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55555"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3957"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3957"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14336"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773545"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38131/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/773545\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/508357\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41403"
},
{
"db": "BID",
"id": "37760"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41403"
},
{
"db": "BID",
"id": "37760"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41403"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37760"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T17:35:06",
"db": "PACKETSTORM",
"id": "85057"
},
{
"date": "2010-01-14T02:46:00",
"db": "PACKETSTORM",
"id": "85087"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"date": "2010-01-13T19:30:00.530000",
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41403"
},
{
"date": "2010-02-01T21:22:00",
"db": "BID",
"id": "37760"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001018"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-091"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3957"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NOS Microsystems Adobe getPlus Helper ActiveX control stack buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-091"
}
],
"trust": 0.6
}
}
var-201608-0295
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270. This vulnerability CVE-2016-4191 , CVE-2016-4192 , CVE-2016-4193 , CVE-2016-4194 , CVE-2016-4195 , CVE-2016-4196 , CVE-2016-4197 , CVE-2016-4198 , CVE-2016-4199 , CVE-2016-4200 , CVE-2016-4201 , CVE-2016-4202 , CVE-2016-4203 , CVE-2016-4204 , CVE-2016-4205 , CVE-2016-4206 , CVE-2016-4207 , CVE-2016-4208 , CVE-2016-4211 , CVE-2016-4212 , CVE-2016-4213 , CVE-2016-4214 , CVE-2016-4250 , CVE-2016-4251 , CVE-2016-4252 , CVE-2016-4254 , CVE-2016-4265 , CVE-2016-4267 , CVE-2016-4268 , CVE-2016-4269 ,and CVE-2016-4270 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of FlateDecode streams. A crafted FlateDecode stream can trigger a read past the end of an allocated buffer. Adobe Reader and Acrobat are prone to an memory-corruption vulnerability. Failed attacks may cause a denial-of-service condition. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "mac os x",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.05"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley of Source Incite",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
}
],
"trust": 1.6
},
"cve": "CVE-2016-4266",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4266",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4266",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-93085",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4266",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4266",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-4266",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2016-4266",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-476",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-93085",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "VULHUB",
"id": "VHN-93085"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270. This vulnerability CVE-2016-4191 , CVE-2016-4192 , CVE-2016-4193 , CVE-2016-4194 , CVE-2016-4195 , CVE-2016-4196 , CVE-2016-4197 , CVE-2016-4198 , CVE-2016-4199 , CVE-2016-4200 , CVE-2016-4201 , CVE-2016-4202 , CVE-2016-4203 , CVE-2016-4204 , CVE-2016-4205 , CVE-2016-4206 , CVE-2016-4207 , CVE-2016-4208 , CVE-2016-4211 , CVE-2016-4212 , CVE-2016-4213 , CVE-2016-4214 , CVE-2016-4250 , CVE-2016-4251 , CVE-2016-4252 , CVE-2016-4254 , CVE-2016-4265 , CVE-2016-4267 , CVE-2016-4268 , CVE-2016-4269 ,and CVE-2016-4270 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of FlateDecode streams. A crafted FlateDecode stream can trigger a read past the end of an allocated buffer. Adobe Reader and Acrobat are prone to an memory-corruption vulnerability. Failed attacks may cause a denial-of-service condition. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4266"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "VULHUB",
"id": "VHN-93085"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4266",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-489",
"trust": 2.1
},
{
"db": "BID",
"id": "92636",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3835",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93085",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "VULHUB",
"id": "VHN-93085"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"id": "VAR-201608-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93085"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:13:42.772000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-26",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"title": "APSB16-26",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-26.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160714.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63795"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93085"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/92636"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-489"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4266"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20160713-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160030.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4266"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18716"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-489/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "VULHUB",
"id": "VHN-93085"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"db": "VULHUB",
"id": "VHN-93085"
},
{
"db": "BID",
"id": "92636"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-24T00:00:00",
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"date": "2016-08-26T00:00:00",
"db": "VULHUB",
"id": "VHN-93085"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92636"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"date": "2016-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"date": "2016-08-26T19:59:02.600000",
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-24T00:00:00",
"db": "ZDI",
"id": "ZDI-16-489"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93085"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92636"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004465"
},
{
"date": "2016-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-476"
},
{
"date": "2016-11-28T20:17:04.580000",
"db": "NVD",
"id": "CVE-2016-4266"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004465"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-476"
}
],
"trust": 0.6
}
}
var-201601-0600
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDF files. By providing a malformed PDF file, an attacker can cause uninitialized memory to be dereferenced. An attacker could leverage this to execute arbitrary code under the context of the process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 13 and earlier versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0600",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0939",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0939",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88449",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0939",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0939",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0939",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0939",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-239",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88449",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "VULHUB",
"id": "VHN-88449"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDF files. By providing a malformed PDF file, an attacker can cause uninitialized memory to be dereferenced. An attacker could leverage this to execute arbitrary code under the context of the process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 13 and earlier versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0939"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88449"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0939",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3264",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88449",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "VULHUB",
"id": "VHN-88449"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"id": "VAR-201601-0600",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88449"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59586"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88449"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-015"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0939"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0939"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "VULHUB",
"id": "VHN-88449"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"db": "VULHUB",
"id": "VHN-88449"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88449"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"date": "2016-01-14T05:59:08.013000",
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-015"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88449"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001041"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-239"
},
{
"date": "2016-12-07T23:39:48.063000",
"db": "NVD",
"id": "CVE-2016-0939"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001041"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-239"
}
],
"trust": 0.6
}
}
var-201601-0590
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0590",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc of HPE\u0027s Zero Day Initiative, Mahinthan Chandramohan, Wei Lei and Liu Yang working with iDefense\u0027s Vulnerability Contributor Program, Jaanus Kp of Clarified Security, working with HPE\u0027s Zero Day Initiative, Chris Navarrete of Fortinet\u0027s FortiG",
"sources": [
{
"db": "BID",
"id": "80361"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0944",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0944",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88454",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0944",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0944",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0944",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88454",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88454"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0944"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88454"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0944",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88454",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88454"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"id": "VAR-201601-0590",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88454"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.108000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59591"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88454"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0944"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0944"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88454"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88454"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88454"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"date": "2016-01-14T05:59:12.813000",
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88454"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001046"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-244"
},
{
"date": "2016-12-07T23:41:34.547000",
"db": "NVD",
"id": "CVE-2016-0944"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001046"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-244"
}
],
"trust": 0.6
}
}
var-201510-0361
Vulnerability from variot
Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code via crafted arguments. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the popUpMenuEx method. Specially crafted arguments passed to popUpMenuEx can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the popUpMenuEx method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0361",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6690",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6690",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6690",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84651",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6690",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6690",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6690",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-203",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84651",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "VULHUB",
"id": "VHN-84651"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code via crafted arguments. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the popUpMenuEx method. Specially crafted arguments passed to popUpMenuEx can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the popUpMenuEx method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6690"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84651"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6690",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3018",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84651",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "VULHUB",
"id": "VHN-84651"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"id": "VAR-201510-0361",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84651"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.306000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58052"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84651"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6690"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6690"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "VULHUB",
"id": "VHN-84651"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"db": "VULHUB",
"id": "VHN-84651"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84651"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"date": "2015-10-14T23:59:12.143000",
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-474"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84651"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005247"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-203"
},
{
"date": "2021-09-08T17:19:31.617000",
"db": "NVD",
"id": "CVE-2015-6690"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of popUpMenuEx Vulnerability in arbitrary code execution in method",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005247"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-203"
}
],
"trust": 0.6
}
}
var-200912-0751
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010
I. For more information, please visit following pages:
http://www.adobe.com/products/reader/ http://www.adobe.com/products/acrobat/
II.
The vulnerability occurs when processing the Jp2c stream of a JpxDecode encoded data stream within a PDF file. During the processing of a JPC_MS_RGN marker, an integer sign extension may cause a bounds check to be bypassed. This results in an exploitable memory corruption vulnerability.
III. The attacker will have to create a malicious PDF file and convince the victim to open it. This can be accomplished by embedding the PDF file into an IFrame inside of a Web page, which will result in automatic exploitation once the page is viewed. The file could also be e-mailed as an attachment or placed on a file share. In these cases, a user would have to manually open the file to trigger exploitation. If preview is enabled in Windows Explorer, Acrobat will try to generate a preview for PDF files when a folder containing PDF files is accessed, thus triggering the exploitation.
IV. DETECTION
iDefense has confirmed the existence of this vulnerability in latest version of Adobe Reader, at the time of testing, version 9.1.0. Previous versions may also be affected.
Adobe has stated that all 9.2 and below versions, as well as all 8.1.7 and below versions are vulnerable.
V. WORKAROUND
None of the following workarounds will prevent exploitation, but they can reduce potential attack vectors and make exploitation more difficult.
Prevent PDF documents from being opened automatically by the Web browser Disable JavaScript Disable PDFShell extension by removing or renaming the Acrord32info.exe file
VI. VENDOR RESPONSE
Adobe has released a patch which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.
http://www.adobe.com/support/security/bulletins/apsb10-02.html
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2009-3955 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
08/06/2009 Initial Contact 08/06/2009 Initial Response 09/16/2009 Vendor requested POC. iDefense sent POC. 09/17/2009 Vendor response. 01/12/2010 Coordinated public disclosure.
IX. CREDIT
This vulnerability was reported to iDefense by Code Audit Labs http://www.vulnhunt.com.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2010 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
NOTE: This vulnerability is currently being actively exploited.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0751",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37757"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code Audit Labs\u203bhttp://www.vulnhunt.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
}
],
"trust": 0.6
},
"cve": "CVE-2009-3955",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3955",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41401",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3955",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3955",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-089",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41401",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. \nThis issue affects Reader and Acrobat 9.2 and prior versions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJan 12, 2010\n\nI. For more information, please visit following pages:\n\nhttp://www.adobe.com/products/reader/\nhttp://www.adobe.com/products/acrobat/\n\nII. \n\nThe vulnerability occurs when processing the Jp2c stream of a JpxDecode\nencoded data stream within a PDF file. During the processing of a\nJPC_MS_RGN marker, an integer sign extension may cause a bounds check\nto be bypassed. This results in an exploitable memory corruption\nvulnerability. \n\nIII. The\nattacker will have to create a malicious PDF file and convince the\nvictim to open it. This can be accomplished by embedding the PDF file\ninto an IFrame inside of a Web page, which will result in automatic\nexploitation once the page is viewed. The file could also be e-mailed\nas an attachment or placed on a file share. In these cases, a user\nwould have to manually open the file to trigger exploitation. If\npreview is enabled in Windows Explorer, Acrobat will try to generate a\npreview for PDF files when a folder containing PDF files is accessed,\nthus triggering the exploitation. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in latest\nversion of Adobe Reader, at the time of testing, version 9.1.0. \nPrevious versions may also be affected. \n\nAdobe has stated that all 9.2 and below versions, as well as all 8.1.7\nand below versions are vulnerable. \n\nV. WORKAROUND\n\nNone of the following workarounds will prevent exploitation, but they\ncan reduce potential attack vectors and make exploitation more\ndifficult. \n\nPrevent PDF documents from being opened automatically by the Web browser\nDisable JavaScript\nDisable PDFShell extension by removing or renaming the Acrord32info.exe file\n\nVI. VENDOR RESPONSE\n\nAdobe has released a patch which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb10-02.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2009-3955 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n08/06/2009 Initial Contact\n08/06/2009 Initial Response\n09/16/2009 Vendor requested POC. iDefense sent POC. \n09/17/2009 Vendor response. \n01/12/2010 Coordinated public disclosure. \n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by \tCode Audit Labs\nhttp://www.vulnhunt.com. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2010 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nNOTE: This vulnerability is currently being actively exploited. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3955"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "BID",
"id": "37757"
},
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "PACKETSTORM",
"id": "85088"
},
{
"db": "PACKETSTORM",
"id": "83870"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41401",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41401"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3955",
"trust": 2.9
},
{
"db": "BID",
"id": "37757",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.5
},
{
"db": "XF",
"id": "55553",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "38215",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38138",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016",
"trust": 0.8
},
{
"db": "IDEFENSE",
"id": "20100113 ADOBE READER AND ACROBAT JPXDECODE MEMORY CORRUPTION VULNERABILITY",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14341",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85088",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41401",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "BID",
"id": "37757"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "PACKETSTORM",
"id": "85088"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"id": "VAR-200912-0751",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41401"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T19:31:24.494000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "RHSA-2010:0037",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
},
{
"title": "RHSA-2010:0038",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
},
{
"title": "RHSA-2010:0060",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/37757"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 2.0,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/55553"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8255"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38138"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38215"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55553"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3955"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3955"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14341"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3955"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://www.vulnhunt.com."
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "BID",
"id": "37757"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "PACKETSTORM",
"id": "85088"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41401"
},
{
"db": "BID",
"id": "37757"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"db": "PACKETSTORM",
"id": "85088"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41401"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37757"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"date": "2010-01-14T02:57:07",
"db": "PACKETSTORM",
"id": "85088"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"date": "2010-01-13T19:30:00.483000",
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41401"
},
{
"date": "2015-03-19T09:27:00",
"db": "BID",
"id": "37757"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001016"
},
{
"date": "2011-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-089"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3955"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "85088"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability",
"sources": [
{
"db": "BID",
"id": "37757"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-089"
}
],
"trust": 0.6
}
}
var-201510-0335
Vulnerability from variot
The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewIfOfflineDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewIfOfflineDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6718",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6718",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6718",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84679",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6718",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6718",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6718",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-231",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84679",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "VULHUB",
"id": "VHN-84679"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewIfOfflineDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewIfOfflineDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6718"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84679"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6718",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-503",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3087",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84679",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "VULHUB",
"id": "VHN-84679"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"id": "VAR-201510-0335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84679"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.215000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58080"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84679"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-503"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6718"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6718"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "VULHUB",
"id": "VHN-84679"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"db": "VULHUB",
"id": "VHN-84679"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84679"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"date": "2015-10-14T23:59:39.743000",
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-503"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84679"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005275"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-231"
},
{
"date": "2021-09-08T17:19:32.290000",
"db": "NVD",
"id": "CVE-2015-6718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBSharedReviewIfOfflineDialog In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-231"
}
],
"trust": 0.6
}
}
var-201102-0068
Vulnerability from variot
The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0598 , CVE-2011-0599 and CVE-2011-0602 Is a different vulnerability.A third party may execute arbitrary code through the image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the Bitmap parsing component of 2d.dll. When allocating a destination buffer for handling RLE_8 compressed bitmaps the process uses the bitmap height and width values directly. Certain assumptions are made regarding minimum values of these fields during decompression resulting in a copy user supplied data into a fixed-length buffer on the heap.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-11-05 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0068",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "BID",
"id": "46218"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "46218"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0596",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0596",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0596",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48541",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0596",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0596",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0596",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-139",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48541",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0596",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0598 , CVE-2011-0599 and CVE-2011-0602 Is a different vulnerability.A third party may execute arbitrary code through the image. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the Bitmap parsing component of 2d.dll. When allocating a destination buffer for handling RLE_8 compressed bitmaps the process uses the bitmap height and width values directly. Certain assumptions are made regarding minimum values of these fields during decompression resulting in a copy user supplied data into a fixed-length buffer on the heap. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-11-05 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0596"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "BID",
"id": "46218"
},
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98279"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48541",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48541"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0596",
"trust": 3.8
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.3
},
{
"db": "BID",
"id": "46218",
"trust": 1.3
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-972",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98279",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48541",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0596",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "BID",
"id": "46218"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98279"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"id": "VAR-201102-0068",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48541"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:29:16.947000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 1 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38487"
},
{
"title": "Adobe Acrobat 9.4.2 Pro Extended update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38491"
},
{
"title": "Adobe Reader MUI 10.0.1 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38486"
},
{
"title": "Adobe Reader MUI 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38490"
},
{
"title": "Adobe Acrobat 9.4.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38494"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 2 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38485"
},
{
"title": "Adobe Reader 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38489"
},
{
"title": "Adobe Acrobat 10.0.1 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38493"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 3 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38484"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 4 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38488"
},
{
"title": "Adobe Acrobat 3D 8.2.6 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38492"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11921"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/46218"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0596"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0596"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/516313"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "BID",
"id": "46218"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98279"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"db": "VULHUB",
"id": "VHN-48541"
},
{
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"db": "BID",
"id": "46218"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98279"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48541"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46218"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:28:57",
"db": "PACKETSTORM",
"id": "98279"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"date": "2011-02-10T18:00:58.677000",
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-071"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48541"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0596"
},
{
"date": "2015-03-19T08:08:00",
"db": "BID",
"id": "46218"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001208"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-139"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0596"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98279"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001208"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-139"
}
],
"trust": 0.6
}
}
var-201106-0030
Vulnerability from variot
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability.". Adobe Reader and Acrobat are prone to an unspecified cross-domain scripting vulnerability. Adobe Reader and Acrobat versions prior to 10.1 are affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA11-166A
Adobe Updates for Multiple Vulnerabilities
Original release date: June 15, 2011 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader X (10.0.1) and earlier 10.x versions for Windows
* Adobe Reader X (10.0.3) and earlier 10.x versions for Macintosh
* Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh
* Adobe Reader 8.2.6 and earlier 8.x versions for Windows and Macintosh
* Adobe Acrobat X (10.0.3) and earlier 10.x versions for Windows and Macintosh
* Adobe Acrobat 9.4.3 and earlier 9.x versions for Windows and Macintosh
* Adobe Acrobat 8.2.6 and earlier 8.x versions for Windows and Macintosh
* Shockwave Player 11.5.9.620 and earlier versions for Windows and Macintosh.
Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player.
Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
I.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Security Bulletin APSB11-17 describes a number of vulnerabilities affecting Adobe Shockwave Player. These vulnerabilities affect Shockwave Player 11.5.9.620 and earlier versions.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Shockwave content. Shockwave content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
Adobe Security Bulletin APSB11-18 describes a number of vulnerabilities affecting Adobe Flash Player. These vulnerabilities affect Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems. These vulnerabilities also affect Flash Player 10.3.185.23 and earlier versions for Android.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update Reader
Adobe has released updates to address this issue.
Update Adobe Shockwave Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-17 and update vulnerable versions of Adobe Shockwave Player.
Update Adobe Flash Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-18 and update vulnerable versions of Adobe Adobe Flash Player.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle" "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions) "/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so" "/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security update available for Adobe Reader and Acrobat - http://www.adobe.com/support/security/bulletins/apsb11-16.html
-
Adobe Reader and Acrobat JavaScript Blacklist Framework - http://kb2.adobe.com/cps/504/cpsid_50431.html
-
Security update available for Adobe Flash Player - http://www.adobe.com/support/security/bulletins/apsb11-18.html
-
Security update available for Adobe Shockwave Player - http://www.adobe.com/support/security/bulletins/apsb11-17.html
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA11-166A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA11-166A Feedback" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 15, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc D+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9 wu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj Wc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l 4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh DtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA== =p3nZ -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43269
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
RELEASE DATE: 2011-06-16
DISCUSS ADVISORY: http://secunia.com/advisories/43269/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43269/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
1) An error in 3difr.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
2) An error in tesselate.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
3) An unspecified error can be exploited to cause a heap-based buffer overflow.
4) An integer overflow error in ACE.dll when parsing the "desc" ICC chunk can be exploited to corrupt memory via a specially crafted PDF file.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An error due to the application loading certain unspecified libraries in an insecure manner can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share.
9) An unspecified error can be exploited to bypass certain security restrictions.
10) An unspecified error can be exploited to corrupt memory.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
13) An unspecified error can be exploited to corrupt memory.
SOLUTION: Apply updates (please see the vendor's advisory for details).
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2) An anonymous person via ZDI. 4) Secunia Research.
The vendor also credits: 3, 6) Tarjei Mandt, Norman. 5) Rodrigo Rubira Branco. 7) Mila Parkour. 8) Billy Rios, Google Security Team. 9) Christian Navarrete, CubilFelino Security Research Lab. 10) Tavis Ormandy, Google Security Team. 11) Brett Gervasoni, Sense of Security. 12) Will Dormann, CERT/CC. 13) James Quirk, Los Alamos, New Mexico.
ORIGINAL ADVISORY: Adobe (APSB11-16): http://www.adobe.com/support/security/bulletins/apsb11-16.html
Secunia Research: http://secunia.com/secunia_research/2011-41/
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-218/ http://www.zerodayinitiative.com/advisories/ZDI-11-219/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0030",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.6 for windows and macintosh"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.4 for windows and macintosh"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.6 for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.4 for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.1) for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for macintosh"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
}
],
"sources": [
{
"db": "BID",
"id": "48255"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios from the Google Security Team",
"sources": [
{
"db": "BID",
"id": "48255"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
}
],
"trust": 0.9
},
"cve": "CVE-2011-2101",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2101",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-50046",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2101",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2101",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201106-147",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50046",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a \"cross document script execution vulnerability.\". Adobe Reader and Acrobat are prone to an unspecified cross-domain scripting vulnerability. \nAdobe Reader and Acrobat versions prior to 10.1 are affected. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA11-166A\n\n\nAdobe Updates for Multiple Vulnerabilities\n\n Original release date: June 15, 2011\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader X (10.0.1) and earlier 10.x versions for Windows\n * Adobe Reader X (10.0.3) and earlier 10.x versions for Macintosh\n * Adobe Reader 9.4.3 and earlier 9.x versions for Windows and Macintosh\n * Adobe Reader 8.2.6 and earlier 8.x versions for Windows and Macintosh\n * Adobe Acrobat X (10.0.3) and earlier 10.x versions for Windows and Macintosh\n * Adobe Acrobat 9.4.3 and earlier 9.x versions for Windows and Macintosh\n * Adobe Acrobat 8.2.6 and earlier 8.x versions for Windows and Macintosh\n * Shockwave Player 11.5.9.620 and earlier versions for Windows and Macintosh. \n\n Adobe has released Security Bulletin APSB11-17, which describes\n multiple vulnerabilities affecting Adobe Shockwave Player. \n\n Adobe has released Security Bulletin APSB11-18, which describes\n multiple vulnerabilities affecting Adobe Flash Player. \n\n\nI. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Security Bulletin APSB11-17 describes a number of\n vulnerabilities affecting Adobe Shockwave Player. These\n vulnerabilities affect Shockwave Player 11.5.9.620 and earlier\n versions. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Shockwave content. Shockwave content is\n commonly hosted on a web page, but it can also be embedded in PDF\n and other documents or provided as a stand-alone file. \n\n Adobe Security Bulletin APSB11-18 describes a number of\n vulnerabilities affecting Adobe Flash Player. These vulnerabilities\n affect Flash Player 10.3.181.23 and earlier versions for Windows,\n Macintosh, Linux and Solaris operating systems. These\n vulnerabilities also affect Flash Player 10.3.185.23 and earlier\n versions for Android. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. \n\n Update Adobe Shockwave Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-17 and update\n vulnerable versions of Adobe Shockwave Player. \n\n Update Adobe Flash Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-18 and update\n vulnerable versions of Adobe Adobe Flash Player. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n GNU/Linux (locations may vary among distributions)\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security update available for Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e\n\n * Adobe Reader and Acrobat JavaScript Blacklist Framework -\n \u003chttp://kb2.adobe.com/cps/504/cpsid_50431.html\u003e\n\n * Security update available for Adobe Flash Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e\n\n * Security update available for Adobe Shockwave Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA11-166A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-166A Feedback\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 15, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc\nD+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9\nwu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj\nWc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l\n4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh\nDtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA==\n=p3nZ\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\nJoin Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria\nSee to the presentation \"The Dynamics and Threats of End-Point Software Portfolios\" by Secunia\u0027s Research Analyst Director, Stefan Frei. \nRead more:\nhttp://conference.first.org/ \n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43269\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43269/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nRELEASE DATE:\n2011-06-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43269/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43269/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious people to conduct\ncross-site scripting attacks, disclose potentially sensitive\ninformation, bypass certain security restrictions, and compromise a\nuser\u0027s system. \n\n1) An error in 3difr.x3d due to the component trusting the provided\nstring length when processing certain files can be exploited to cause\na stack-based buffer overflow. \n\n2) An error in tesselate.x3d due to the component trusting the\nprovided string length when processing certain files can be exploited\nto cause a stack-based buffer overflow. \n\n3) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n4) An integer overflow error in ACE.dll when parsing the \"desc\" ICC\nchunk can be exploited to corrupt memory via a specially crafted PDF\nfile. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to corrupt memory. \n\n7) An error due to the application loading certain unspecified\nlibraries in an insecure manner can be exploited to load arbitrary\nlibraries by tricking a user into e.g. opening a file located on a\nremote WebDAV or SMB share. \n\n9) An unspecified error can be exploited to bypass certain security\nrestrictions. \n\n10) An unspecified error can be exploited to corrupt memory. \n\n11) An unspecified error can be exploited to corrupt memory. \n\n12) An unspecified error can be exploited to corrupt memory. \n\n13) An unspecified error can be exploited to corrupt memory. \n\nSOLUTION:\nApply updates (please see the vendor\u0027s advisory for details). \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2) An anonymous person via ZDI. \n4) Secunia Research. \n\nThe vendor also credits:\n3, 6) Tarjei Mandt, Norman. \n5) Rodrigo Rubira Branco. \n7) Mila Parkour. \n8) Billy Rios, Google Security Team. \n9) Christian Navarrete, CubilFelino Security Research Lab. \n10) Tavis Ormandy, Google Security Team. \n11) Brett Gervasoni, Sense of Security. \n12) Will Dormann, CERT/CC. \n13) James Quirk, Los Alamos, New Mexico. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-16):\nhttp://www.adobe.com/support/security/bulletins/apsb11-16.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2011-41/\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-218/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-219/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2101"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "BID",
"id": "48255"
},
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48255",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2011-2101",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA11-166A",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025658",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43269",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "73063",
"trust": 1.1
},
{
"db": "USCERT",
"id": "SA11-166A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "17026",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-50046",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102327",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-218",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-219",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102309",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "BID",
"id": "48255"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"id": "VAR-201106-0030",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50046"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:52:50.944000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"title": "APSB11-16 (cpsid_90735)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/907/cpsid_90735.html"
},
{
"title": "APSB11-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-16.html"
},
{
"title": "TLSA-2011-20",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-20j.txt"
},
{
"title": "TA11-166A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-166a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/48255"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/43269"
},
{
"trust": 1.1,
"url": "http://osvdb.org/73063"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13919"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025658"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68015"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2101"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-166a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2101"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025658"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-166a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17026"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/"
},
{
"trust": 0.1,
"url": "http://conference.first.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-218/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-219/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2011-41/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "BID",
"id": "48255"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50046"
},
{
"db": "BID",
"id": "48255"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-50046"
},
{
"date": "2011-06-14T00:00:00",
"db": "BID",
"id": "48255"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"date": "2011-06-16T10:27:51",
"db": "PACKETSTORM",
"id": "102327"
},
{
"date": "2011-06-16T02:14:44",
"db": "PACKETSTORM",
"id": "102309"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"date": "2011-06-16T23:55:01.837000",
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50046"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "48255"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001786"
},
{
"date": "2011-06-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-147"
},
{
"date": "2017-09-19T01:32:53.630000",
"db": "NVD",
"id": "CVE-2011-2101"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001786"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-147"
}
],
"trust": 0.6
}
}
var-201510-0347
Vulnerability from variot
Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6696. This vulnerability CVE-2015-6696 and CVE-2015-8458 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AcroForm. A specially crafted form can force Adobe Reader DC to write past the end of an allocated object. Adobe Acrobat and Reader are prone to multiple unspecified heap-buffer-overflow vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0347",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6698",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6698",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6698",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84659",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6698",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6698",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6698",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-211",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84659",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "VULHUB",
"id": "VHN-84659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6696. This vulnerability CVE-2015-6696 and CVE-2015-8458 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AcroForm. A specially crafted form can force Adobe Reader DC to write past the end of an allocated object. Adobe Acrobat and Reader are prone to multiple unspecified heap-buffer-overflow vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6698"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "VULHUB",
"id": "VHN-84659"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6698",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-476",
"trust": 2.4
},
{
"db": "BID",
"id": "77068",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3044",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-84659",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "VULHUB",
"id": "VHN-84659"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"id": "VAR-201510-0347",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84659"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.150000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58060"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/77068"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-476"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6698"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6698"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "VULHUB",
"id": "VHN-84659"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"db": "VULHUB",
"id": "VHN-84659"
},
{
"db": "BID",
"id": "77068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84659"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77068"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"date": "2015-10-14T23:59:20.393000",
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-476"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84659"
},
{
"date": "2015-12-07T22:23:00",
"db": "BID",
"id": "77068"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005255"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-211"
},
{
"date": "2021-09-08T17:19:31.800000",
"db": "NVD",
"id": "CVE-2015-6698"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of AcroForm Implementation of heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005255"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-211"
}
],
"trust": 0.6
}
}
var-201505-0414
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. http://cwe.mitre.org/data/definitions/476.htmlDenial of service by attacker (NULL Pointer dereference ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service (memory corruption). The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0414",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
}
],
"sources": [
{
"db": "BID",
"id": "74601"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei, as well as Wu Hongjun and Wang Jing of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "74601"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3047",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3047",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-81008",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3047",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-3047",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81008",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81008"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. http://cwe.mitre.org/data/definitions/476.htmlDenial of service by attacker (NULL Pointer dereference ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service (memory corruption). The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3047"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "BID",
"id": "74601"
},
{
"db": "VULHUB",
"id": "VHN-81008"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3047",
"trust": 2.8
},
{
"db": "BID",
"id": "74601",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81008",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81008"
},
{
"db": "BID",
"id": "74601"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"id": "VAR-201505-0414",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81008"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.962000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74601"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3047"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3047"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81008"
},
{
"db": "BID",
"id": "74601"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81008"
},
{
"db": "BID",
"id": "74601"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81008"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74601"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"date": "2015-05-13T10:59:44.120000",
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81008"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74601"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002625"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-160"
},
{
"date": "2017-01-03T20:03:30.573000",
"db": "NVD",
"id": "CVE-2015-3047"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002625"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74601"
}
],
"trust": 0.3
}
}
var-201510-0047
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6694 , CVE-2015-6695 ,and CVE-2015-7650 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Brian Gorenc of HP Zero Day Initiative and Francis Provencher from COSIG.",
"sources": [
{
"db": "BID",
"id": "77069"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7622",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-85583",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7622",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-7622",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-247",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85583",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7622",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6694 , CVE-2015-6695 ,and CVE-2015-7650 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7622"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-85583",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38787",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7622",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "38787",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85583",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7622",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"id": "VAR-201510-0047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58096"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/38787/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7622"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7622"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/adobe-reader-apsb15-24-cve-2015-6686"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41495"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-85583"
},
{
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85583"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"date": "2015-10-14T23:59:55.793000",
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85583"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7622"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005285"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-247"
},
{
"date": "2021-09-08T17:19:32.660000",
"db": "NVD",
"id": "CVE-2015-7622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005285"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-247"
}
],
"trust": 0.6
}
}
var-201510-0354
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6706, and CVE-2015-7624. This vulnerability CVE-2015-5583 , CVE-2015-6706 ,and CVE-2015-7624 Is a different vulnerability.An attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0354",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Brewer, Alex Inf\u00fchr of Cure53.de, AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "77070"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6705",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6705",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84666",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6705",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6705",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-218",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84666",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84666"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6706, and CVE-2015-7624. This vulnerability CVE-2015-5583 , CVE-2015-6706 ,and CVE-2015-7624 Is a different vulnerability.An attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "VULHUB",
"id": "VHN-84666"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6705",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218",
"trust": 0.7
},
{
"db": "BID",
"id": "77070",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84666",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84666"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"id": "VAR-201510-0354",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84666"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.343000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58067"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84666"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6705"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6705"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84666"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84666"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84666"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"date": "2015-10-14T23:59:27.457000",
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84666"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005262"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-218"
},
{
"date": "2021-09-08T17:19:31.960000",
"db": "NVD",
"id": "CVE-2015-6705"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005262"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-218"
}
],
"trust": 0.6
}
}
var-201505-0303
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3051",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81012",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3051",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3051",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-164",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81012",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81012"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3051",
"trust": 2.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81012",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81012"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"id": "VAR-201505-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81012"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.507000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3051"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3051"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81012"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81012"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81012"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"date": "2015-05-13T10:59:47.700000",
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81012"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002629"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-164"
},
{
"date": "2017-01-03T20:03:51.983000",
"db": "NVD",
"id": "CVE-2015-3051"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002629"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-164"
}
],
"trust": 0.6
}
}
var-201505-0294
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the app.Monitors select method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0294",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3068",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3068",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3068",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81029",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3068",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3068",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3068",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-181",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81029",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "VULHUB",
"id": "VHN-81029"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the app.Monitors select method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3068"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81029"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3068",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-202",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2692",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-81029",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "VULHUB",
"id": "VHN-81029"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"id": "VAR-201505-0294",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81029"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.666000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81029"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-202"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3068"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3068"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "VULHUB",
"id": "VHN-81029"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"db": "VULHUB",
"id": "VHN-81029"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81029"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"date": "2015-05-13T11:00:03.030000",
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-202"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81029"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002646"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-181"
},
{
"date": "2017-01-05T20:06:13.187000",
"db": "NVD",
"id": "CVE-2015-3068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-181"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002646"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201603-0204
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007. This vulnerability CVE-2016-1007 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDFs. The issue lies in the failure to ensure that indexes are within the bounds of an allocated buffer. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0204",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp - Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
}
],
"trust": 1.3
},
"cve": "CVE-2016-1009",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1009",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1009",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88831",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1009",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1009",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1009",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-1009",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-079",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88831",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1009",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007. This vulnerability CVE-2016-1007 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDFs. The issue lies in the failure to ensure that indexes are within the bounds of an allocated buffer. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "VULMON",
"id": "CVE-2016-1009"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1009",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-16-191",
"trust": 1.8
},
{
"db": "BID",
"id": "84215",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035199",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3253",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88831",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1009",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"id": "VAR-201603-0204",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88831"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:08.226000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-09",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"title": "APSB16-09",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-09.html"
},
{
"title": "Multiple Adobe Fixes for product arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60439"
},
{
"title": null,
"trust": 0.1,
"url": "https://threatpost.com/adobe-patches-reader-and-acrobat-teases-upcoming-flash-update/116662/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/84215"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-191"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035199"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1009"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1009"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"db": "VULHUB",
"id": "VHN-88831"
},
{
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-88831"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"date": "2016-03-09T11:59:39.360000",
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-191"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88831"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1009"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001700"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-079"
},
{
"date": "2016-12-03T03:19:32.287000",
"db": "NVD",
"id": "CVE-2016-1009"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001700"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-079"
}
],
"trust": 0.6
}
}
var-201809-0888
Vulnerability from variot
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. A remote attacker can exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0888",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30448"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.011.20058"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.011.20058"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "17.011.30099"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "17.011.30059"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "17.011.30059"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30448"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "17.011.30099"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "2017 (classic 2017) 2017.011.30102 (windows/macos)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(classic 2015) 2015.006.30452 (windows/macos)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "( continuous track ) 2018.011.20063 (windows/macos)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(classic 2015) 2015.006.30452 (windows/macos)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "( continuous track ) 2018.011.20063 (windows/macos)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "2017 (classic 2017) 2017.011.30102 (windows/macos)"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 0.6,
"vendor": "adobe",
"version": "\u003c=2018.011.20058"
},
{
"model": "acrobat (classic",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20172017)\u003c=2017.011.30099"
},
{
"model": "acrobat dc (classic",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015)\u003c=2015.006.30448"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 0.6,
"vendor": "adobe",
"version": "\u003c=2018.011.20058"
},
{
"model": "acrobat reader (classic",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20172017)\u003c=2017.011.30099"
},
{
"model": "acrobat reader dc (classic",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015)\u003c=2015.006.30448"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.023.20056"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.009.20058"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.009.20050"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.009.20044"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.012.20098"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.009.20044"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.023.20070"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.011.20055"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.012.20095"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "17.012.20093"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20058"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20055"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20040"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20038"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20035"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30099"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30080"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30448"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30434"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30418"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30417"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30416"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30413"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30394"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30392"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30355"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30352"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30306"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30096"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30080"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30079"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30078"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30070"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30068"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30066"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30059"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20058"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20055"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20040"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20038"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20035"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30448"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30434"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30418"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30417"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30416"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30413"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30394"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30392"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30355"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30352"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30306"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30099"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30096"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30080"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30079"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30078"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30070"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30068"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30066"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30059"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20063"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30102"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30452"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2018.11.20063"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30452"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2017.11.30102"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "BID",
"id": "105358"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cybellum Technologies LTD and Omri Herscovici via Vulnerability Research Check Point Software Technologies Ltd.",
"sources": [
{
"db": "BID",
"id": "105358"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
}
],
"trust": 0.9
},
"cve": "CVE-2018-12801",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-12801",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-20135",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-12801",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-12801",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-12801",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-20135",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-985",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. A remote attacker can exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12801"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "BID",
"id": "105358"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-12801",
"trust": 3.3
},
{
"db": "BID",
"id": "105358",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1041702",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-20135",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "BID",
"id": "105358"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"id": "VAR-201809-0888",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
}
]
},
"last_update_date": "2024-08-14T14:12:42.258000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB18-34",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html"
},
{
"title": "APSB18-34",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb18-34.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20180920.html"
},
{
"title": "Patch for Adobe Acrobat and Reader Transboundary Read Vulnerability (CNVD-2018-20135)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/141331"
},
{
"title": "Adobe Acrobat and Reader Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85093"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-34.html"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1041702"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105358"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12801"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20180920-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2018/at180039.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12801"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "BID",
"id": "105358"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"db": "BID",
"id": "105358"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"date": "2018-09-19T00:00:00",
"db": "BID",
"id": "105358"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"date": "2018-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"date": "2018-09-25T13:29:00.550000",
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20135"
},
{
"date": "2018-09-19T00:00:00",
"db": "BID",
"id": "105358"
},
{
"date": "2018-11-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009460"
},
{
"date": "2019-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-985"
},
{
"date": "2019-08-21T16:20:13.350000",
"db": "NVD",
"id": "CVE-2018-12801"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Out-of-bounds reading vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009460"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-985"
}
],
"trust": 0.6
}
}
var-201102-0038
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46187"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bing Liu of Fortinet\u0027s FortiGuard Labs",
"sources": [
{
"db": "BID",
"id": "46187"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0563",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48508",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0563",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0563",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-157",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48508",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0563"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "BID",
"id": "46187"
},
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0563",
"trust": 2.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "BID",
"id": "46187",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48508",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "BID",
"id": "46187"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"id": "VAR-201102-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48508"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:10:14.935000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12452"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0563"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0563"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/46187"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "BID",
"id": "46187"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48508"
},
{
"db": "BID",
"id": "46187"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48508"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46187"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"date": "2011-02-10T18:00:57.910000",
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48508"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "46187"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001190"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-157"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0563"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001190"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-157"
}
],
"trust": 0.6
}
}
var-201102-0070
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587. Adobe Reader and Acrobat Contains a cross-site scripting vulnerability. This vulnerability CVE-2011-0587 Is a different vulnerability.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Remote attackers can inject arbitrary web scripts or HTML with unknown vectors.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) An unspecified error related to library loading can be exploited to execute arbitrary code.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
8) An unspecified error related to library loading can be exploited to execute arbitrary code.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
12) An unspecified error related to library loading can be exploited to execute arbitrary code.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0070",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "46217"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios from the Google Security Team",
"sources": [
{
"db": "BID",
"id": "46217"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0604",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0604",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48549",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0604",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-0604",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-133",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48549",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587. Adobe Reader and Acrobat Contains a cross-site scripting vulnerability. This vulnerability CVE-2011-0587 Is a different vulnerability.By any third party Web Script or HTML May be inserted. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Remote attackers can inject arbitrary web scripts or HTML with unknown vectors. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n1) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n8) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n12) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0604"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "BID",
"id": "46217"
},
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0604",
"trust": 2.9
},
{
"db": "BID",
"id": "46217",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65307",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48549",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "BID",
"id": "46217"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"id": "VAR-201102-0070",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48549"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:41:07.299000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 1 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38487"
},
{
"title": "Adobe Acrobat 9.4.2 Pro Extended update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38491"
},
{
"title": "Adobe Reader MUI 10.0.1 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38486"
},
{
"title": "Adobe Reader MUI 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38490"
},
{
"title": "Adobe Acrobat 9.4.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38494"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46217"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12592"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65307"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0604"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65307"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0604"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "BID",
"id": "46217"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48549"
},
{
"db": "BID",
"id": "46217"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48549"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46217"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"date": "2011-02-10T18:00:58.973000",
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48549"
},
{
"date": "2015-03-19T09:09:00",
"db": "BID",
"id": "46217"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001214"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-133"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0604"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-133"
}
],
"trust": 0.8
}
}
var-201309-0151
Vulnerability from variot
Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to multiple stack-based buffer-overflow vulnerabilities. Attackers can exploit these issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause denial-of-service conditions. Note: These issues were previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but have been moved to their own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0151",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62429"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62429"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3351",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63353",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3351",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3351",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-146",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63353",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63353"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to multiple stack-based buffer-overflow vulnerabilities. \nAttackers can exploit these issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause denial-of-service conditions. \nNote: These issues were previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but have been moved to their own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3351"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "BID",
"id": "62429"
},
{
"db": "VULHUB",
"id": "VHN-63353"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3351",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146",
"trust": 0.7
},
{
"db": "BID",
"id": "62429",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63353",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63353"
},
{
"db": "BID",
"id": "62429"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"id": "VAR-201309-0151",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63353"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:24:48.863000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63353"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18447"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3351"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3351"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63353"
},
{
"db": "BID",
"id": "62429"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63353"
},
{
"db": "BID",
"id": "62429"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63353"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62429"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"date": "2013-09-12T13:28:21.990000",
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63353"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62429"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004076"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-146"
},
{
"date": "2017-09-19T01:36:40.327000",
"db": "NVD",
"id": "CVE-2013-3351"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004076"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-146"
}
],
"trust": 0.6
}
}
var-201004-0127
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0199 , CVE-2010-0202 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit with DEP bypass have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V.
VI. CREDIT
The vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/0873 http://www.adobe.com/support/security/bulletins/apsb10-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198
IX. DISCLOSURE TIMELINE
2010-03-16 - Vendor notified 2010-03-16 - Vendor response 2010-04-07 - Status update received 2010-04-13 - Coordinated public Disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0198",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0198",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42803",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0198",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0198",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-251",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42803",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0199 , CVE-2010-0202 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit with DEP bypass have been released by VUPEN through the\nVUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThe vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0873\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2010-03-16 - Vendor notified\n2010-03-16 - Vendor response\n2010-04-07 - Status update received\n2010-04-13 - Coordinated public Disclosure\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0198"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88448"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42803",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0198",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39505",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88448",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88448"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"id": "VAR-201004-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:03:44.517000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Adobe Reader 9.3.2 update (Intel) - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4092"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4096"
},
{
"title": "Adobe Acrobat 9.3.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4100"
},
{
"title": "Adobe Reader 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4091"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4095"
},
{
"title": "Adobe Acrobat 3D 8.2.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4099"
},
{
"title": "Adobe Reader MUI 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4090"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4094"
},
{
"title": "Adobe Acrobat 9.3.2 Pro Extended update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4098"
},
{
"title": "Adobe Reader 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4089"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4093"
},
{
"title": "Adobe Acrobat 9.3.2 Pro and Standard update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4097"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7106"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0198"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39505"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/510740"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88448"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42803"
},
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88448"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42803"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39505"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-16T02:30:33",
"db": "PACKETSTORM",
"id": "88448"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"date": "2010-04-14T16:00:00.930000",
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42803"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39505"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001354"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-251"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0198"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39505"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001354"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-251"
}
],
"trust": 0.6
}
}
var-201601-0592
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 ,and CVE-2016-0945 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0592",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc of HPE\u0027s Zero Day Initiative, Mahinthan Chandramohan, Wei Lei and Liu Yang working with iDefense\u0027s Vulnerability Contributor Program, Jaanus Kp of Clarified Security, working with HPE\u0027s Zero Day Initiative, Chris Navarrete of Fortinet\u0027s FortiG",
"sources": [
{
"db": "BID",
"id": "80361"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0946",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0946",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88456",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0946",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0946",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0946",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-246",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88456",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88456"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 ,and CVE-2016-0945 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0946"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88456"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0946",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246",
"trust": 0.6
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88456",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88456"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"id": "VAR-201601-0592",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88456"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59593"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88456"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0946"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0946"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88456"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88456"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88456"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"date": "2016-01-14T05:59:14.893000",
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88456"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001048"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-246"
},
{
"date": "2016-12-07T23:39:55.267000",
"db": "NVD",
"id": "CVE-2016-0946"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001048"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-246"
}
],
"trust": 0.6
}
}
var-201405-0219
Vulnerability from variot
Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0219",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67366"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sune Vuorela of Ange Optimization",
"sources": [
{
"db": "BID",
"id": "67366"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0528",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0528",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68021",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0528",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0528",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-253",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68021",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68021"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0528"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "BID",
"id": "67366"
},
{
"db": "VULHUB",
"id": "VHN-68021"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0528",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253",
"trust": 0.7
},
{
"db": "BID",
"id": "67366",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68021",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68021"
},
{
"db": "BID",
"id": "67366"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"id": "VAR-201405-0219",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68021"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:40:02.098000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68021"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0528"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0528"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68021"
},
{
"db": "BID",
"id": "67366"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68021"
},
{
"db": "BID",
"id": "67366"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68021"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67366"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"date": "2014-05-14T11:13:05.537000",
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68021"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67366"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002488"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-253"
},
{
"date": "2014-05-14T14:54:15.003000",
"db": "NVD",
"id": "CVE-2014-0528"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Memory double free vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002488"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-253"
}
],
"trust": 0.6
}
}
var-201505-0285
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3070. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0285",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3076",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81037",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3076",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3076",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-189",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81037",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81037"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3070. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3076"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81037"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3076",
"trust": 2.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81037",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81037"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"id": "VAR-201505-0285",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81037"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.083000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81037"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3076"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3076"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81037"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81037"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81037"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"date": "2015-05-13T11:00:09.687000",
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81037"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002654"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-189"
},
{
"date": "2017-01-05T20:14:51.520000",
"db": "NVD",
"id": "CVE-2015-3076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002654"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-189"
}
],
"trust": 0.6
}
}
var-201006-1214
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1214",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41240"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "41240"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2209",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44814",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2209",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2209",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-487",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44814",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2209",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2209"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41240"
},
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2209",
"trust": 3.0
},
{
"db": "BID",
"id": "41240",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44814",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2209",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41240"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"id": "VAR-201006-1214",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44814"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T19:45:26.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41240"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6957"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2209"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/apsb10-15-adobe-reader-unspecified-cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41240"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44814"
},
{
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41240"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44814"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41240"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"date": "2010-06-30T18:30:01.737000",
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44814"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2209"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-09-07T21:52:00",
"db": "BID",
"id": "41240"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001715"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-487"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2209"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-487"
}
],
"trust": 0.6
}
}
var-201607-0124
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0124",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "mac os x",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
}
],
"sources": [
{
"db": "BID",
"id": "91711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ke Liu of Tencent\u0027s Xuanwu LAB.",
"sources": [
{
"db": "BID",
"id": "91711"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4209",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-4209",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-93028",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4209",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4209",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4209",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-4209",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201607-266",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-93028",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93028"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4209"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "BID",
"id": "91711"
},
{
"db": "VULHUB",
"id": "VHN-93028"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4209",
"trust": 2.8
},
{
"db": "BID",
"id": "91711",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1036281",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93028",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93028"
},
{
"db": "BID",
"id": "91711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"id": "VAR-201607-0124",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93028"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:30.051000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-26",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"title": "APSB16-26",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-26.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160714.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62849"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93028"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91711"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036281"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4209"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20160713-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160030.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4209"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18716"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93028"
},
{
"db": "BID",
"id": "91711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93028"
},
{
"db": "BID",
"id": "91711"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-13T00:00:00",
"db": "VULHUB",
"id": "VHN-93028"
},
{
"date": "2016-07-12T00:00:00",
"db": "BID",
"id": "91711"
},
{
"date": "2016-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"date": "2016-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"date": "2016-07-13T02:00:18.527000",
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-01T00:00:00",
"db": "VULHUB",
"id": "VHN-93028"
},
{
"date": "2016-07-12T00:00:00",
"db": "BID",
"id": "91711"
},
{
"date": "2016-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003612"
},
{
"date": "2016-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-266"
},
{
"date": "2017-09-01T01:29:20.413000",
"db": "NVD",
"id": "CVE-2016-4209"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003612"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-266"
}
],
"trust": 0.6
}
}
var-201505-0300
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the SharedReviewDocCenterInitiator onError event. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0300",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3066",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3066",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3066",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81027",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3066",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3066",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3066",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-179",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81027",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "VULHUB",
"id": "VHN-81027"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the SharedReviewDocCenterInitiator onError event. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3066"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81027"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3066",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-200",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2690",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81027",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "VULHUB",
"id": "VHN-81027"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"id": "VAR-201505-0300",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81027"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.744000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81027"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-200"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3066"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3066"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "VULHUB",
"id": "VHN-81027"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"db": "VULHUB",
"id": "VHN-81027"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81027"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"date": "2015-05-13T11:00:01.233000",
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-200"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81027"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002644"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-179"
},
{
"date": "2017-01-05T20:09:17.037000",
"db": "NVD",
"id": "CVE-2015-3066"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-179"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002644"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201412-0495
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0495",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "71578"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team",
"sources": [
{
"db": "BID",
"id": "71578"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8461",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8461",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76406",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8461",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8461",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-236",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76406",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-8461",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8461"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "BID",
"id": "71578"
},
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "VULMON",
"id": "CVE-2014-8461"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8461",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236",
"trust": 0.7
},
{
"db": "BID",
"id": "71578",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76406",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-8461",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"db": "BID",
"id": "71578"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"id": "VAR-201412-0495",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76406"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:29:39.147000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8461"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8461"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"db": "BID",
"id": "71578"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76406"
},
{
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"db": "BID",
"id": "71578"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76406"
},
{
"date": "2014-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71578"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"date": "2014-12-10T21:59:31.680000",
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76406"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8461"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71578"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005936"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-236"
},
{
"date": "2014-12-12T01:39:37.577000",
"db": "NVD",
"id": "CVE-2014-8461"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005936"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-236"
}
],
"trust": 0.6
}
}
var-201510-0333
Vulnerability from variot
The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForFormDistribution method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForFormDistribution method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0333",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6716",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6716",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6716",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84677",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6716",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6716",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6716",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-229",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84677",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "VULHUB",
"id": "VHN-84677"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForFormDistribution method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForFormDistribution method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6716"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84677"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6716",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-507",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3091",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84677",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "VULHUB",
"id": "VHN-84677"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"id": "VAR-201510-0333",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84677"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.378000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58078"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84677"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-507"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6716"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6716"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "VULHUB",
"id": "VHN-84677"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"db": "VULHUB",
"id": "VHN-84677"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84677"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"date": "2015-10-14T23:59:37.837000",
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-507"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84677"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005273"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-229"
},
{
"date": "2021-09-08T17:19:32.240000",
"db": "NVD",
"id": "CVE-2015-6716"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForFormDistribution In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005273"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-229"
}
],
"trust": 0.6
}
}
var-201510-0039
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions and execute arbitrary commands via an app.launchURL call, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, app.launchURL Via call JavaScript API Execution restrictions may be avoided and arbitrary commands may be executed. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling URL's passed to app.launchURL. A specially crafted cURL passed to app.launchURL can force a command to be executed. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0039",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7614",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7614",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7614",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7614",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85575",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7614",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7614",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7614",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-239",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85575",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "VULHUB",
"id": "VHN-85575"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions and execute arbitrary commands via an app.launchURL call, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, app.launchURL Via call JavaScript API Execution restrictions may be avoided and arbitrary commands may be executed. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling URL\u0027s passed to app.launchURL. A specially crafted cURL passed to app.launchURL can force a command to be executed. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7614"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85575"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7614",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-509",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3103",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85575",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "VULHUB",
"id": "VHN-85575"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"id": "VAR-201510-0039",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85575"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.954000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58088"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85575"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-509"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7614"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7614"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "VULHUB",
"id": "VHN-85575"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"db": "VULHUB",
"id": "VHN-85575"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85575"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"date": "2015-10-14T23:59:47.963000",
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-509"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-85575"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005283"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-239"
},
{
"date": "2021-09-08T17:19:32.473000",
"db": "NVD",
"id": "CVE-2015-7614"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005283"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-239"
}
],
"trust": 0.6
}
}
var-201106-0117
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2095 and CVE-2011-2097 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application explicitly trusting a string's length embedded within a particular file loaded by the 3difr.x3d component. The application will duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-16.html
-- Disclosure Timeline: 2010-11-29 - Vulnerability reported to vendor 2011-06-14 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player.
Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
I.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Security Bulletin APSB11-17 describes a number of vulnerabilities affecting Adobe Shockwave Player. These vulnerabilities affect Shockwave Player 11.5.9.620 and earlier versions.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Shockwave content. Shockwave content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
Adobe Security Bulletin APSB11-18 describes a number of vulnerabilities affecting Adobe Flash Player. These vulnerabilities affect Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems. These vulnerabilities also affect Flash Player 10.3.185.23 and earlier versions for Android.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update Reader
Adobe has released updates to address this issue.
Update Adobe Shockwave Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-17 and update vulnerable versions of Adobe Shockwave Player.
Update Adobe Flash Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-18 and update vulnerable versions of Adobe Adobe Flash Player.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle" "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions) "/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so" "/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security update available for Adobe Reader and Acrobat - http://www.adobe.com/support/security/bulletins/apsb11-16.html
-
Adobe Reader and Acrobat JavaScript Blacklist Framework - http://kb2.adobe.com/cps/504/cpsid_50431.html
-
Security update available for Adobe Flash Player - http://www.adobe.com/support/security/bulletins/apsb11-18.html
-
Security update available for Adobe Shockwave Player - http://www.adobe.com/support/security/bulletins/apsb11-17.html
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA11-166A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA11-166A Feedback" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 15, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc D+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9 wu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj Wc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l 4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh DtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA== =p3nZ -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43269
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
RELEASE DATE: 2011-06-16
DISCUSS ADVISORY: http://secunia.com/advisories/43269/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43269/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
1) An error in 3difr.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
2) An error in tesselate.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
3) An unspecified error can be exploited to cause a heap-based buffer overflow.
4) An integer overflow error in ACE.dll when parsing the "desc" ICC chunk can be exploited to corrupt memory via a specially crafted PDF file.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An error due to the application loading certain unspecified libraries in an insecure manner can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share.
9) An unspecified error can be exploited to bypass certain security restrictions.
10) An unspecified error can be exploited to corrupt memory.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
13) An unspecified error can be exploited to corrupt memory.
SOLUTION: Apply updates (please see the vendor's advisory for details).
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2) An anonymous person via ZDI. 4) Secunia Research.
The vendor also credits: 3, 6) Tarjei Mandt, Norman. 5) Rodrigo Rubira Branco. 7) Mila Parkour. 8) Billy Rios, Google Security Team. 9) Christian Navarrete, CubilFelino Security Research Lab. 10) Tavis Ormandy, Google Security Team. 11) Brett Gervasoni, Sense of Security. 12) Will Dormann, CERT/CC. 13) James Quirk, Los Alamos, New Mexico.
ORIGINAL ADVISORY: Adobe (APSB11-16): http://www.adobe.com/support/security/bulletins/apsb11-16.html
Secunia Research: http://secunia.com/secunia_research/2011-41/
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-218/ http://www.zerodayinitiative.com/advisories/ZDI-11-219/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0117",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.6 for windows and macintosh"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.4 for windows and macintosh"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.6 for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.4 for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.1) for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for macintosh"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "BID",
"id": "48240"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
}
],
"trust": 0.7
},
"cve": "CVE-2011-2094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2094",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2094",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-50039",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2094",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2094",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-2094",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201106-132",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50039",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2011-2095 and CVE-2011-2097 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application explicitly trusting a string\u0027s length embedded within a particular file loaded by the 3difr.x3d component. The application will duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-16.html\n\n-- Disclosure Timeline:\n2010-11-29 - Vulnerability reported to vendor\n2011-06-14 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n Adobe has released Security Bulletin APSB11-17, which describes\n multiple vulnerabilities affecting Adobe Shockwave Player. \n\n Adobe has released Security Bulletin APSB11-18, which describes\n multiple vulnerabilities affecting Adobe Flash Player. \n\n\nI. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Security Bulletin APSB11-17 describes a number of\n vulnerabilities affecting Adobe Shockwave Player. These\n vulnerabilities affect Shockwave Player 11.5.9.620 and earlier\n versions. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Shockwave content. Shockwave content is\n commonly hosted on a web page, but it can also be embedded in PDF\n and other documents or provided as a stand-alone file. \n\n Adobe Security Bulletin APSB11-18 describes a number of\n vulnerabilities affecting Adobe Flash Player. These vulnerabilities\n affect Flash Player 10.3.181.23 and earlier versions for Windows,\n Macintosh, Linux and Solaris operating systems. These\n vulnerabilities also affect Flash Player 10.3.185.23 and earlier\n versions for Android. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. \n\n Update Adobe Shockwave Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-17 and update\n vulnerable versions of Adobe Shockwave Player. \n\n Update Adobe Flash Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-18 and update\n vulnerable versions of Adobe Adobe Flash Player. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n GNU/Linux (locations may vary among distributions)\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security update available for Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e\n\n * Adobe Reader and Acrobat JavaScript Blacklist Framework -\n \u003chttp://kb2.adobe.com/cps/504/cpsid_50431.html\u003e\n\n * Security update available for Adobe Flash Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e\n\n * Security update available for Adobe Shockwave Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA11-166A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-166A Feedback\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 15, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc\nD+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9\nwu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj\nWc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l\n4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh\nDtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA==\n=p3nZ\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\nJoin Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria\nSee to the presentation \"The Dynamics and Threats of End-Point Software Portfolios\" by Secunia\u0027s Research Analyst Director, Stefan Frei. \nRead more:\nhttp://conference.first.org/ \n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43269\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43269/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nRELEASE DATE:\n2011-06-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43269/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43269/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious people to conduct\ncross-site scripting attacks, disclose potentially sensitive\ninformation, bypass certain security restrictions, and compromise a\nuser\u0027s system. \n\n1) An error in 3difr.x3d due to the component trusting the provided\nstring length when processing certain files can be exploited to cause\na stack-based buffer overflow. \n\n2) An error in tesselate.x3d due to the component trusting the\nprovided string length when processing certain files can be exploited\nto cause a stack-based buffer overflow. \n\n3) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n4) An integer overflow error in ACE.dll when parsing the \"desc\" ICC\nchunk can be exploited to corrupt memory via a specially crafted PDF\nfile. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to corrupt memory. \n\n7) An error due to the application loading certain unspecified\nlibraries in an insecure manner can be exploited to load arbitrary\nlibraries by tricking a user into e.g. opening a file located on a\nremote WebDAV or SMB share. \n\n9) An unspecified error can be exploited to bypass certain security\nrestrictions. \n\n10) An unspecified error can be exploited to corrupt memory. \n\n11) An unspecified error can be exploited to corrupt memory. \n\n12) An unspecified error can be exploited to corrupt memory. \n\n13) An unspecified error can be exploited to corrupt memory. \n\nSOLUTION:\nApply updates (please see the vendor\u0027s advisory for details). \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2) An anonymous person via ZDI. \n4) Secunia Research. \n\nThe vendor also credits:\n3, 6) Tarjei Mandt, Norman. \n5) Rodrigo Rubira Branco. \n7) Mila Parkour. \n8) Billy Rios, Google Security Team. \n9) Christian Navarrete, CubilFelino Security Research Lab. \n10) Tavis Ormandy, Google Security Team. \n11) Brett Gervasoni, Sense of Security. \n12) Will Dormann, CERT/CC. \n13) James Quirk, Los Alamos, New Mexico. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-16):\nhttp://www.adobe.com/support/security/bulletins/apsb11-16.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2011-41/\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-218/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-219/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2094"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "BID",
"id": "48240"
},
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "PACKETSTORM",
"id": "102279"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50039",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50039"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2094",
"trust": 3.6
},
{
"db": "USCERT",
"id": "TA11-166A",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025658",
"trust": 1.9
},
{
"db": "BID",
"id": "48240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "43269",
"trust": 1.6
},
{
"db": "ZDI",
"id": "ZDI-11-219",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA11-166A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-998",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "17001",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "102279",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102327",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-218",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102309",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "BID",
"id": "48240"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "PACKETSTORM",
"id": "102279"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"id": "VAR-201106-0117",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50039"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:15:15.350000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-16",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"title": "APSB11-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-16.html"
},
{
"title": "APSB11-16 (cpsid_90735)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/907/cpsid_90735.html"
},
{
"title": "TLSA-2011-20",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-20j.txt"
},
{
"title": "TA11-166A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-166a.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/43269"
},
{
"trust": 1.4,
"url": "http://www.securityfocus.com/bid/48240"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13747"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025658"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2094"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-166a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2094"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025658"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-166a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17001"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-219/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-219"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2094"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/"
},
{
"trust": 0.1,
"url": "http://conference.first.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-218/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2011-41/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "BID",
"id": "48240"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "PACKETSTORM",
"id": "102279"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"db": "VULHUB",
"id": "VHN-50039"
},
{
"db": "BID",
"id": "48240"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"db": "PACKETSTORM",
"id": "102279"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-14T00:00:00",
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"date": "2011-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-50039"
},
{
"date": "2011-06-14T00:00:00",
"db": "BID",
"id": "48240"
},
{
"date": "2011-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"date": "2011-06-14T23:10:27",
"db": "PACKETSTORM",
"id": "102279"
},
{
"date": "2011-06-16T10:27:51",
"db": "PACKETSTORM",
"id": "102327"
},
{
"date": "2011-06-16T02:14:44",
"db": "PACKETSTORM",
"id": "102309"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"date": "2011-06-16T23:55:01.587000",
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-14T00:00:00",
"db": "ZDI",
"id": "ZDI-11-219"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50039"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "48240"
},
{
"date": "2011-06-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001779"
},
{
"date": "2011-06-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-132"
},
{
"date": "2017-09-19T01:32:53.130000",
"db": "NVD",
"id": "CVE-2011-2094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "102279"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001779"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-132"
}
],
"trust": 0.6
}
}
var-201412-0503
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0503",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71572"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team",
"sources": [
{
"db": "BID",
"id": "71572"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8456",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8456",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76401",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8456",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8456",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-231",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76401",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76401"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8456"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "BID",
"id": "71572"
},
{
"db": "VULHUB",
"id": "VHN-76401"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8456",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231",
"trust": 0.7
},
{
"db": "BID",
"id": "71572",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76401",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76401"
},
{
"db": "BID",
"id": "71572"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"id": "VAR-201412-0503",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76401"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:03:25.900000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76401"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8456"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8456"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76401"
},
{
"db": "BID",
"id": "71572"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76401"
},
{
"db": "BID",
"id": "71572"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76401"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71572"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"date": "2014-12-10T21:59:27.307000",
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76401"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71572"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005931"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-231"
},
{
"date": "2014-12-12T01:33:50.617000",
"db": "NVD",
"id": "CVE-2014-8456"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005931"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-231"
}
],
"trust": 0.6
}
}
var-201004-0131
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability.". Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. This vulnerability is related to \"Prefix Protocol Processing Vulnerability\".
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0131",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0191",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0191",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42796",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0191",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0191",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42796",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a \"prefix protocol handler vulnerability.\". Adobe released an advisory addressing multiple issues in Reader and Acrobat. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. This vulnerability is related to \\\"Prefix Protocol Processing Vulnerability\\\". \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0191"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0191",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39517",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"id": "VAR-201004-0131",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42796"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:46:32.718000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6729"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0191"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39517"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42796"
},
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42796"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39517"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"date": "2010-04-14T16:00:00.697000",
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42796"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39517"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001347"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-244"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0191"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerabilities in arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001347"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39517"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201102-0074
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: flash-player
Announcement ID: SUSE-SA:2011:025
Date: Tue, 17 May 2011 12:00:00 +0000
Affected Products: openSUSE 11.3
openSUSE 11.4
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
Vulnerability Type: remote code execution
CVSS v2 Base Score: 6.8
SUSE Default Package: yes
Cross-References: CVE-2011-0589, CVE-2011-0618, CVE-2011-0619
CVE-2011-0620, CVE-2011-0621, CVE-2011-0622
CVE-2011-0623, CVE-2011-0624, CVE-2011-0625
CVE-2011-0626, CVE-2011-0627
Content of This Advisory:
1) Problem Description
flash-player security update to 10.3
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
Flash Player has been updated to version 10.3, fixing bugs and security issues. - CVE-2011-0589: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0618: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Numeric Errors (CWE-189) - CVE-2011-0619: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0620: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0621: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0622: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119) - CVE-2011-0623: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0624: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0625: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0626: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20) - CVE-2011-0627: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input Validation (CWE-20)
More information can be found on: http://www.adobe.com/support/security/bulletins/apsb11-12.html
2) Solution or Work-Around
If supported by the browser, you can disable the flash plugin.
3) Special Instructions and Notes
After the flash player update has been installed, all programs utilizing the flash plugin should be restarted. In particular web browser sessions should be restarted.a
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing
x86 Platform:
openSUSE 11.4: http://download.opensuse.org/update/11.4/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm
openSUSE 11.3: http://download.opensuse.org/update/11.3/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm
Sources:
openSUSE 11.4: http://download.opensuse.org/update/11.4/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm
openSUSE 11.3: http://download.opensuse.org/update/11.3/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=9c4e6f8f60161b73ef86d4ce0079ed69
SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=25f459f5151ec35f0bbe1202ce1245ad
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing
with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made
using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de" where
is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing
with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux)
iQEVAwUBTdOSuney5gA9JdPZAQITxQf/Y5fPRPXZbk6J7KRCjiGoJ+zIfmIijKeh fF4WiLL02eRbTKbn/gVtb/bmxoRGRO6Np5q1XDjj253EWUc0Zn/oDWiXQzRvmir6 3os2rjBfUGirpfVzAv0qSAiD7XbMUo/ohvcUwhAxb2PaWipRnynMzUANcARSJ924 6YMitvr1IF+i8xDF8yThCFkkyjkDuBPzgomB6zs1/Fd+ku04mMFHLVYpf22DQcGh wYvHo46lMWURt+aLEu0TJ07OEocaARYfzwqUYuY/4FZ4ias+I1GjCjL1WldQxeA9 rQ3AGEZ9YVARnkg4CwRHWcYlyYwobanDykmODfu20DWM0FOofrH6xw== =mivB -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-11
http://security.gentoo.org/
Severity: Normal Title: Adobe Flash Player: Multiple vulnerabilities Date: October 13, 2011 Bugs: #354207, #359019, #363179, #367031, #370215, #372899, #378637, #384017 ID: 201110-11
Synopsis
Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0074",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46202"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CESG",
"sources": [
{
"db": "BID",
"id": "46202"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0589",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0589",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48534",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0589",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0589",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-146",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48534",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: flash-player\n Announcement ID: SUSE-SA:2011:025\n Date: Tue, 17 May 2011 12:00:00 +0000\n Affected Products: openSUSE 11.3\n openSUSE 11.4\n SUSE Linux Enterprise Desktop 11 SP1\n SUSE Linux Enterprise Desktop 10 SP4\n Vulnerability Type: remote code execution\n CVSS v2 Base Score: 6.8\n SUSE Default Package: yes\n Cross-References: CVE-2011-0589, CVE-2011-0618, CVE-2011-0619\n CVE-2011-0620, CVE-2011-0621, CVE-2011-0622\n CVE-2011-0623, CVE-2011-0624, CVE-2011-0625\n CVE-2011-0626, CVE-2011-0627\n\n Content of This Advisory:\n 1) Problem Description\n flash-player security update to 10.3\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n Flash Player has been updated to version 10.3, fixing bugs\n and security issues. \n - CVE-2011-0589: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Buffer Errors (CWE-119)\n - CVE-2011-0618: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Numeric Errors (CWE-189)\n - CVE-2011-0619: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Buffer Errors (CWE-119)\n - CVE-2011-0620: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Buffer Errors (CWE-119)\n - CVE-2011-0621: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Buffer Errors (CWE-119)\n - CVE-2011-0622: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Buffer Errors (CWE-119)\n - CVE-2011-0623: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Input Validation (CWE-20)\n - CVE-2011-0624: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Input Validation (CWE-20)\n - CVE-2011-0625: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Input Validation (CWE-20)\n - CVE-2011-0626: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Input Validation (CWE-20)\n - CVE-2011-0627: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P):\n Input Validation (CWE-20)\n \n More information can be found on:\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n\n2) Solution or Work-Around\n\n If supported by the browser, you can disable the flash plugin. \n\n3) Special Instructions and Notes\n\n After the flash player update has been installed, all programs utilizing\n the flash plugin should be restarted. In particular web browser sessions\n should be restarted.a\n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n \"Online Update\" module or the \"zypper\" commandline tool. The package and\n patch management stack will detect which updates are required and\n automatically perform the necessary steps to verify and install them. \n\n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n \n x86 Platform:\n \n openSUSE 11.4:\n http://download.opensuse.org/update/11.4/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm\n \n openSUSE 11.3:\n http://download.opensuse.org/update/11.3/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm\n \n Sources:\n \n openSUSE 11.4:\n http://download.opensuse.org/update/11.4/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm\n \n openSUSE 11.3:\n http://download.opensuse.org/update/11.3/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm\n \n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n SUSE Linux Enterprise Desktop 10 SP4\n http://download.novell.com/patch/finder/?keywords=9c4e6f8f60161b73ef86d4ce0079ed69\n \n SUSE Linux Enterprise Desktop 11 SP1\n http://download.novell.com/patch/finder/?keywords=25f459f5151ec35f0bbe1202ce1245ad\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n See SUSE Security Summary Report. \n\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.2 (GNU/Linux)\n\nmQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA\nBqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz\nJR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh\n1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U\nP7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+\ncZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg\nVGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b\nyHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7\ntQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ\nxG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63\nOm8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo\nchoXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI\nBkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u\nv/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+\nx9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0\nIx30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq\nMkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2\nsaqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o\nL0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU\nF7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS\nFQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW\ntp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It\nKlj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF\nAjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+\n3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk\nYS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP\n+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR\n8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U\n8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S\ncZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh\nELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB\nUVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo\nAqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n\nKFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi\nBBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro\nnIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg\nKL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx\nyoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn\nB/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV\nwM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh\nUzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF\n5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3\nD3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu\nzgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd\n9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi\na5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13\nCNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp\n271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE\nt5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG\nB/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw\nrbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt\nIJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL\nrWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H\nRKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa\ng8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA\nCspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO\n=ypVs\n- -----END PGP PUBLIC KEY BLOCK-----\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (GNU/Linux)\n\niQEVAwUBTdOSuney5gA9JdPZAQITxQf/Y5fPRPXZbk6J7KRCjiGoJ+zIfmIijKeh\nfF4WiLL02eRbTKbn/gVtb/bmxoRGRO6Np5q1XDjj253EWUc0Zn/oDWiXQzRvmir6\n3os2rjBfUGirpfVzAv0qSAiD7XbMUo/ohvcUwhAxb2PaWipRnynMzUANcARSJ924\n6YMitvr1IF+i8xDF8yThCFkkyjkDuBPzgomB6zs1/Fd+ku04mMFHLVYpf22DQcGh\nwYvHo46lMWURt+aLEu0TJ07OEocaARYfzwqUYuY/4FZ4ias+I1GjCjL1WldQxeA9\nrQ3AGEZ9YVARnkg4CwRHWcYlyYwobanDykmODfu20DWM0FOofrH6xw==\n=mivB\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201110-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Flash Player: Multiple vulnerabilities\n Date: October 13, 2011\n Bugs: #354207, #359019, #363179, #367031, #370215, #372899,\n #378637, #384017\n ID: 201110-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Flash Player might allow remote\nattackers to execute arbitrary code or cause a Denial of Service. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers and Adobe Security Advisories and\nBulletins referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0589"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "BID",
"id": "46202"
},
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "PACKETSTORM",
"id": "101520"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0589",
"trust": 3.1
},
{
"db": "BID",
"id": "46202",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65294",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "101520",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48534",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "BID",
"id": "46202"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "PACKETSTORM",
"id": "101520"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"id": "VAR-201102-0074",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48534"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:49:06.277000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46202"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12497"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65294"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0589"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65294"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0589"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.3/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.4/rpm/src/flash-player-10.3.181.14-0.2.1.nosrc.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=9c4e6f8f60161b73ef86d4ce0079ed69"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.3/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/update/11.4/rpm/i586/flash-player-10.3.181.14-0.2.1.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.novell.com/patch/finder/?keywords=25f459f5151ec35f0bbe1202ce1245ad"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "BID",
"id": "46202"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "PACKETSTORM",
"id": "101520"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48534"
},
{
"db": "BID",
"id": "46202"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"db": "PACKETSTORM",
"id": "101520"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48534"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46202"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"date": "2011-05-18T14:23:49",
"db": "PACKETSTORM",
"id": "101520"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"date": "2011-02-10T18:00:58.363000",
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48534"
},
{
"date": "2015-03-19T09:26:00",
"db": "BID",
"id": "46202"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001201"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-146"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0589"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001201"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-146"
}
],
"trust": 0.6
}
}
var-201510-0358
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0358",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Bill Finlayson of Vectra Networks, bilou working with VeriSign iDefense Labs, James Loureiro of MWR Labs, kdot working with HP\u0027s\u0027s Zero Day Initiative, Wei Lei and Wu Hongjun of Nanyang Technological University w",
"sources": [
{
"db": "BID",
"id": "77064"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6687",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6687",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-84648",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6687",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6687",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-200",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84648",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84648"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6687"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84648"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6687",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84648",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84648"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"id": "VAR-201510-0358",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84648"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.803000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58049"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84648"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6687"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6687"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84648"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84648"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84648"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"date": "2015-10-14T23:59:08.937000",
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84648"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005244"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-200"
},
{
"date": "2021-09-08T17:19:31.553000",
"db": "NVD",
"id": "CVE-2015-6687"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005244"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-200"
}
],
"trust": 0.6
}
}
var-201505-0413
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3046",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3046",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81007",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3046",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3046",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-159",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81007",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81007"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3046"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81007"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3046",
"trust": 2.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81007",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81007"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"id": "VAR-201505-0413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81007"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.048000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81007"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3046"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3046"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81007"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81007"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81007"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"date": "2015-05-13T10:59:43.213000",
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81007"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002624"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-159"
},
{
"date": "2017-01-05T20:09:52.370000",
"db": "NVD",
"id": "CVE-2015-3046"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002624"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-159"
}
],
"trust": 0.6
}
}
var-201001-0022
Vulnerability from variot
Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Failed attempts will likely result in denial-of-service conditions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code.
The vulnerability is reported in versions 9.2 and prior.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-013A
Adobe Reader and Acrobat Vulnerabilities
Original release date: Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader and Acrobat 9.2 and earlier 9.x versions
* Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions
Overview
Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
I. Description
Adobe Security Advisory APSB10-02 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader 9.2 and earlier 9.x versions and 8.1.7 and earlier 8.x versions. Further details are available in the US-CERT Vulnerability Notes Database.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
Some of these vulnerabilities are being actively exploited.
II.
III. Solution
Update
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB10-02 and update vulnerable versions of Adobe Reader and Acrobat. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; un-check Enable Acrobat JavaScript).
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open Adobe Acrobat Reader.
- Open the Edit menu.
- Choose the preferences option.
- Choose the Internet section.
- Un-check the "Display PDF in browser" check box.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Adobe Security Bulletin APSB10-02 - http://www.adobe.com/support/security/bulletins/apsb10-02.html
-
Vulnerability Note VU#508357 - https://www.kb.cert.org/vuls/id/508357
-
Vulnerability Note VU#773545 - https://www.kb.cert.org/vuls/id/773545
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-013A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-013A Feedback VU#508357" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
January 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n +8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl UvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn so9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP bxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4 /la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ== =KC5F -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0022",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "microsystems getplus helper activex control",
"scope": "eq",
"trust": 0.3,
"vendor": "nos",
"version": "0"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "microsystems getplus helper activex control",
"scope": "ne",
"trust": 0.3,
"vendor": "nos",
"version": "1.6.2.49"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37759"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann",
"sources": [
{
"db": "BID",
"id": "37759"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3958",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3958",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41404",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3958",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773545",
"trust": 0.8,
"value": "3.65"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3958",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-104",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41404",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Failed attempts will likely result in denial-of-service conditions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error and can be\nexploited to execute arbitrary code. \n\nThe vulnerability is reported in versions 9.2 and prior. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-013A\n\n\nAdobe Reader and Acrobat Vulnerabilities\n\n Original release date: \n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader and Acrobat 9.2 and earlier 9.x versions\n * Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions\n\n\nOverview\n\n Adobe has released Security bulletin APSB10-02, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. \n\n\nI. Description\n\n Adobe Security Advisory APSB10-02 describes a number of\n vulnerabilities affecting Adobe Reader and Acrobat. These\n vulnerabilities affect Reader 9.2 and earlier 9.x versions and\n 8.1.7 and earlier 8.x versions. Further details are available in\n the US-CERT Vulnerability Notes Database. \n \n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n \n Some of these vulnerabilities are being actively exploited. \n\n\nII. \n\n\nIII. Solution\n\n Update\n \n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB10-02 and update\n vulnerable versions of Adobe Reader and Acrobat. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; un-check\n Enable Acrobat JavaScript). \n \n Prevent Internet Explorer from automatically opening PDF documents\n \n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n \n Windows Registry Editor Version 5.00\n \n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n \n Disable the display of PDF documents in the web browser\n \n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied it may also mitigate future vulnerabilities. \n \n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n \n 1. Open Adobe Acrobat Reader. \n 2. Open the Edit menu. \n 3. Choose the preferences option. \n 4. Choose the Internet section. \n 5. Un-check the \"Display PDF in browser\" check box. \n \n Do not access PDF documents from untrusted sources\n \n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Adobe Security Bulletin APSB10-02 -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e\n\n * Vulnerability Note VU#508357 -\n \u003chttps://www.kb.cert.org/vuls/id/508357\u003e\n\n * Vulnerability Note VU#773545 -\n \u003chttps://www.kb.cert.org/vuls/id/773545\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-013A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-013A Feedback VU#508357\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n \n January 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n\n+8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl\nUvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn\nso9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP\nbxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4\n/la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ==\n=KC5F\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3958"
},
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "BID",
"id": "37759"
},
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41404",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41404"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773545",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2009-3958",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.5
},
{
"db": "BID",
"id": "37759",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14345",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "38131",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-67516",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "11172",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41404",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85087",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "BID",
"id": "37759"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"id": "VAR-201001-0022",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41404"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:48:35.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.3,
"url": "http://www.kb.cert.org/vuls/id/773545"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37759"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8455"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55556"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3958"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3958"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14345"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.3,
"url": "http://www.nosltd.com/get.html"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38131/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/773545\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/508357\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "BID",
"id": "37759"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41404"
},
{
"db": "BID",
"id": "37759"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41404"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37759"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T17:35:06",
"db": "PACKETSTORM",
"id": "85057"
},
{
"date": "2010-01-14T02:46:00",
"db": "PACKETSTORM",
"id": "85087"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"date": "2010-01-13T19:30:00.560000",
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41404"
},
{
"date": "2015-03-19T08:27:00",
"db": "BID",
"id": "37759"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001019"
},
{
"date": "2011-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-104"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3958"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NOS Microsystems Adobe getPlus Helper ActiveX control stack buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-104"
}
],
"trust": 0.6
}
}
var-200912-0765
Vulnerability from variot
The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability.". An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
For more information: SA37690
SOLUTION: Adobe Reader 7.x and Acrobat 7.x: Upgrade to version 8.2 or 9.3. Please see the vendor's advisory for more information.
NOTE: Support has ended for Adobe Reader 7.x and Acrobat 7.x on Windows, Macintosh, and UNIX.
CHANGELOG: 2010-01-13: Updated CVE references. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-013A
Adobe Reader and Acrobat Vulnerabilities
Original release date: Last revised: -- Source: US-CERT
Systems Affected
* Adobe Reader and Acrobat 9.2 and earlier 9.x versions
* Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions
Overview
Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
I. Further details are available in the US-CERT Vulnerability Notes Database.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
Some of these vulnerabilities are being actively exploited.
II.
III. Solution
Update
Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; un-check Enable Acrobat JavaScript).
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the preferences option.
- Choose the Internet section.
- Un-check the "Display PDF in browser" check box.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Adobe Security Bulletin APSB10-02 - http://www.adobe.com/support/security/bulletins/apsb10-02.html
-
Vulnerability Note VU#508357 - https://www.kb.cert.org/vuls/id/508357
-
Vulnerability Note VU#773545 - https://www.kb.cert.org/vuls/id/773545
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-013A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-013A Feedback VU#508357" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
January 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n +8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl UvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn so9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP bxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4 /la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ== =KC5F -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: Red Hat update for acroread
SECUNIA ADVISORY ID: SA38215
VERIFY ADVISORY: http://secunia.com/advisories/38215/
DESCRIPTION: Red Hat has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
For more information: SA37690
SOLUTION: Updated packages are available via Red Hat Network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0765",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37761"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Greg MacManus",
"sources": [
{
"db": "BID",
"id": "37761"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3954",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3954",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41400",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3954",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773545",
"trust": 0.8,
"value": "3.65"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3954",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-088",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41400",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a \"DLL-loading vulnerability.\". \nAn attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. \nThis issue affects Reader and Acrobat 9.2 and prior versions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor more information:\nSA37690\n\nSOLUTION:\nAdobe Reader 7.x and Acrobat 7.x:\nUpgrade to version 8.2 or 9.3. Please see the vendor\u0027s advisory for\nmore information. \n\nNOTE: Support has ended for Adobe Reader 7.x and Acrobat 7.x on\nWindows, Macintosh, and UNIX. \n\nCHANGELOG:\n2010-01-13: Updated CVE references. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-013A\n\n\nAdobe Reader and Acrobat Vulnerabilities\n\n Original release date: \n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader and Acrobat 9.2 and earlier 9.x versions\n * Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions\n\n\nOverview\n\n Adobe has released Security bulletin APSB10-02, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. \n\n\nI. Further details are available in\n the US-CERT Vulnerability Notes Database. \n \n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n \n Some of these vulnerabilities are being actively exploited. \n\n\nII. \n\n\nIII. Solution\n\n Update\n \n Adobe has released updates to address this issue. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; un-check\n Enable Acrobat JavaScript). \n \n Prevent Internet Explorer from automatically opening PDF documents\n \n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n \n Windows Registry Editor Version 5.00\n \n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n \n Disable the display of PDF documents in the web browser\n \n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied it may also mitigate future vulnerabilities. \n \n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n \n 1. \n 2. Open the Edit menu. \n 3. Choose the preferences option. \n 4. Choose the Internet section. \n 5. Un-check the \"Display PDF in browser\" check box. \n \n Do not access PDF documents from untrusted sources\n \n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Adobe Security Bulletin APSB10-02 -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e\n\n * Vulnerability Note VU#508357 -\n \u003chttps://www.kb.cert.org/vuls/id/508357\u003e\n\n * Vulnerability Note VU#773545 -\n \u003chttps://www.kb.cert.org/vuls/id/773545\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-013A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-013A Feedback VU#508357\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n \n January 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n\n+8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl\nUvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn\nso9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP\nbxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4\n/la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ==\n=KC5F\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for acroread\n\nSECUNIA ADVISORY ID:\nSA38215\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38215/\n\nDESCRIPTION:\nRed Hat has issued an update for acroread. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\nconduct cross-site scripting attacks or compromise a user\u0027s system. \n\nFor more information:\nSA37690\n\nSOLUTION:\nUpdated packages are available via Red Hat Network",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3954"
},
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "BID",
"id": "37761"
},
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3954",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.5
},
{
"db": "BID",
"id": "37761",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "38215",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "38138",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#773545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14343",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "38131",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41400",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85488",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "BID",
"id": "37761"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"id": "VAR-200912-0765",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41400"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:33:35.691000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "RHSA-2010:0037",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
},
{
"title": "RHSA-2010:0038",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
},
{
"title": "RHSA-2010:0060",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37761"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8528"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38138"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38215"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55552"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3954"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3954"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14343"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38138/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773545"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38131/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/773545\u003e"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/508357\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html\u003e"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0060.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38215/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "BID",
"id": "37761"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773545"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41400"
},
{
"db": "BID",
"id": "37761"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "PACKETSTORM",
"id": "85063"
},
{
"db": "PACKETSTORM",
"id": "85057"
},
{
"db": "PACKETSTORM",
"id": "85087"
},
{
"db": "PACKETSTORM",
"id": "85488"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41400"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37761"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T17:35:22",
"db": "PACKETSTORM",
"id": "85063"
},
{
"date": "2010-01-13T17:35:06",
"db": "PACKETSTORM",
"id": "85057"
},
{
"date": "2010-01-14T02:46:00",
"db": "PACKETSTORM",
"id": "85087"
},
{
"date": "2010-01-21T10:22:42",
"db": "PACKETSTORM",
"id": "85488"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"date": "2010-01-13T19:30:00.407000",
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#773545"
},
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41400"
},
{
"date": "2010-02-01T21:21:00",
"db": "BID",
"id": "37761"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001015"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-088"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3954"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NOS Microsystems Adobe getPlus Helper ActiveX control stack buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-088"
}
],
"trust": 0.6
}
}
var-201309-0157
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3353. This vulnerability CVE-2013-3353 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability. Limited information is currently available regarding this issue. We will update this BID as more information emerges. Failed attacks may cause a denial-of-service condition. Note: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62436"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62436"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3356",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3356",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63358",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3356",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3356",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-151",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63358",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63358"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3353. This vulnerability CVE-2013-3353 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability. \nLimited information is currently available regarding this issue. We will update this BID as more information emerges. Failed attacks may cause a denial-of-service condition. \nNote: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3356"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "BID",
"id": "62436"
},
{
"db": "VULHUB",
"id": "VHN-63358"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3356",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151",
"trust": 0.7
},
{
"db": "BID",
"id": "62436",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-61040",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-63358",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63358"
},
{
"db": "BID",
"id": "62436"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"id": "VAR-201309-0157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63358"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:14:02.782000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
},
{
"problemtype": "CWE-94",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63358"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18932"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3356"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3356"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63358"
},
{
"db": "BID",
"id": "62436"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63358"
},
{
"db": "BID",
"id": "62436"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63358"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62436"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"date": "2013-09-12T13:28:24.523000",
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63358"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62436"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004081"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-151"
},
{
"date": "2017-09-19T01:36:40.717000",
"db": "NVD",
"id": "CVE-2013-3356"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004081"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-151"
}
],
"trust": 0.6
}
}
var-201505-0306
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3055 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the WillSave document action. A specially crafted WillSave document action can force a dangling pointer to be reused after it has been freed. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0306",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat pro",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3054",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3054",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81015",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3054",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3054",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3054",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-167",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81015",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "VULHUB",
"id": "VHN-81015"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3055 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the WillSave document action. A specially crafted WillSave document action can force a dangling pointer to be reused after it has been freed. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3054"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "VULHUB",
"id": "VHN-81015"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3054",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-214",
"trust": 1.8
},
{
"db": "BID",
"id": "74602",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2725",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81015",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "VULHUB",
"id": "VHN-81015"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"id": "VAR-201505-0306",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81015"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.940000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74602"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-214"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3054"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3054"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "VULHUB",
"id": "VHN-81015"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"db": "VULHUB",
"id": "VHN-81015"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81015"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"date": "2015-05-13T10:59:50.247000",
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-214"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81015"
},
{
"date": "2015-05-15T00:10:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002632"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-167"
},
{
"date": "2017-01-05T19:53:21.097000",
"db": "NVD",
"id": "CVE-2015-3054"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-167"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002632"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
}
}
var-201505-0305
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3054 , CVE-2015-3055 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the Close page action. A specially crafted Close page action can force a dangling pointer to be reused after it has been freed. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0305",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat pro",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-215"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3053",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3053",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3053",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81014",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3053",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3053",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3053",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-166",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81014",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"db": "VULHUB",
"id": "VHN-81014"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3054 , CVE-2015-3055 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the Close page action. A specially crafted Close page action can force a dangling pointer to be reused after it has been freed. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3053"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "VULHUB",
"id": "VHN-81014"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3053",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-215",
"trust": 1.8
},
{
"db": "BID",
"id": "74602",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2724",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81014",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"db": "VULHUB",
"id": "VHN-81014"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"id": "VAR-201505-0305",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81014"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.819000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81014"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74602"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-215"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3053"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3053"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81014"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"db": "VULHUB",
"id": "VHN-81014"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81014"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"date": "2015-05-13T10:59:49.387000",
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-215"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81014"
},
{
"date": "2015-05-15T00:10:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002631"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-166"
},
{
"date": "2017-01-05T20:03:33.977000",
"db": "NVD",
"id": "CVE-2015-3053"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-166"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002631"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
}
}
var-201412-0497
Vulnerability from variot
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448. This vulnerability CVE-2014-8448 Is a different vulnerability.An attacker could obtain important information. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0497",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Inf\u00fchr of Cure53.de.",
"sources": [
{
"db": "BID",
"id": "71565"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8451",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8451",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-76396",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8451",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8451",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-226",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76396",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76396"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448. This vulnerability CVE-2014-8448 Is a different vulnerability.An attacker could obtain important information. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8451"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "BID",
"id": "71565"
},
{
"db": "VULHUB",
"id": "VHN-76396"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8451",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226",
"trust": 0.7
},
{
"db": "BID",
"id": "71565",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76396",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76396"
},
{
"db": "BID",
"id": "71565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"id": "VAR-201412-0497",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76396"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:27:43.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76396"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8451"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8451"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76396"
},
{
"db": "BID",
"id": "71565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76396"
},
{
"db": "BID",
"id": "71565"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76396"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71565"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"date": "2014-12-10T21:59:22.540000",
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76396"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71565"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005926"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-226"
},
{
"date": "2014-12-12T01:21:37.190000",
"db": "NVD",
"id": "CVE-2014-8451"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Unspecified JavaScript API Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005926"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-226"
}
],
"trust": 0.6
}
}
var-201412-0432
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "71577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team",
"sources": [
{
"db": "BID",
"id": "71577"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9158",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9158",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-77103",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9158",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9158",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-237",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-77103",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-9158",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9158"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "BID",
"id": "71577"
},
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "VULMON",
"id": "CVE-2014-9158"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9158",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237",
"trust": 0.7
},
{
"db": "BID",
"id": "71577",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-77103",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-9158",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"db": "BID",
"id": "71577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"id": "VAR-201412-0432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77103"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:29:39.182000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9158"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9158"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"db": "BID",
"id": "71577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77103"
},
{
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"db": "BID",
"id": "71577"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-77103"
},
{
"date": "2014-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71577"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"date": "2014-12-10T21:59:32.617000",
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-77103"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9158"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71577"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005937"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-237"
},
{
"date": "2014-12-12T01:40:25.750000",
"db": "NVD",
"id": "CVE-2014-9158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005937"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-237"
}
],
"trust": 0.6
}
}
var-201106-0031
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors. An attacker can exploit this issue to bypass intended security restrictions; this may aid in other attacks. Adobe Reader and Acrobat 10.x versions prior to 10.1 are affected.
Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player.
Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
I.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Security Bulletin APSB11-17 describes a number of vulnerabilities affecting Adobe Shockwave Player. These vulnerabilities affect Shockwave Player 11.5.9.620 and earlier versions.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Shockwave content. Shockwave content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
Adobe Security Bulletin APSB11-18 describes a number of vulnerabilities affecting Adobe Flash Player. These vulnerabilities affect Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems. These vulnerabilities also affect Flash Player 10.3.185.23 and earlier versions for Android.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
If a user opens specially crafted Shockwave content, a remote attacker may be able to execute arbitrary code.
If a user opens specially crafted Flash content, a remote attacker may be able to execute arbitrary code.
III. Solution
Update Reader
Adobe has released updates to address this issue.
Update Adobe Shockwave Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-17 and update vulnerable versions of Adobe Shockwave Player.
Update Adobe Flash Player
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-18 and update vulnerable versions of Adobe Adobe Flash Player.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle" "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions) "/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so" "/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security update available for Adobe Reader and Acrobat - http://www.adobe.com/support/security/bulletins/apsb11-16.html
-
Adobe Reader and Acrobat JavaScript Blacklist Framework - http://kb2.adobe.com/cps/504/cpsid_50431.html
-
Security update available for Adobe Flash Player - http://www.adobe.com/support/security/bulletins/apsb11-18.html
-
Security update available for Adobe Shockwave Player - http://www.adobe.com/support/security/bulletins/apsb11-17.html
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA11-166A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA11-166A Feedback" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 15, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc D+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9 wu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj Wc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l 4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh DtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA== =p3nZ -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43269
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
RELEASE DATE: 2011-06-16
DISCUSS ADVISORY: http://secunia.com/advisories/43269/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43269/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43269
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
1) An error in 3difr.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
2) An error in tesselate.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow.
3) An unspecified error can be exploited to cause a heap-based buffer overflow.
4) An integer overflow error in ACE.dll when parsing the "desc" ICC chunk can be exploited to corrupt memory via a specially crafted PDF file.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An error due to the application loading certain unspecified libraries in an insecure manner can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share.
8) Certain unspecified input is not properly sanitised and can be exploited to execute arbitrary script code.
10) An unspecified error can be exploited to corrupt memory.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
13) An unspecified error can be exploited to corrupt memory.
SOLUTION: Apply updates (please see the vendor's advisory for details).
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1, 2) An anonymous person via ZDI. 4) Secunia Research.
The vendor also credits: 3, 6) Tarjei Mandt, Norman. 5) Rodrigo Rubira Branco. 7) Mila Parkour. 8) Billy Rios, Google Security Team. 9) Christian Navarrete, CubilFelino Security Research Lab. 10) Tavis Ormandy, Google Security Team. 11) Brett Gervasoni, Sense of Security. 12) Will Dormann, CERT/CC. 13) James Quirk, Los Alamos, New Mexico.
ORIGINAL ADVISORY: Adobe (APSB11-16): http://www.adobe.com/support/security/bulletins/apsb11-16.html
Secunia Research: http://secunia.com/secunia_research/2011-41/
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-218/ http://www.zerodayinitiative.com/advisories/ZDI-11-219/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for windows and macintosh"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.1) for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0.3) for macintosh"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
}
],
"sources": [
{
"db": "BID",
"id": "48253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Christian Navarrete of CubilFelino Security Research Lab",
"sources": [
{
"db": "BID",
"id": "48253"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
}
],
"trust": 0.9
},
"cve": "CVE-2011-2102",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-2102",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-50047",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2102",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2102",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201106-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50047",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50047"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors. \nAn attacker can exploit this issue to bypass intended security restrictions; this may aid in other attacks. \nAdobe Reader and Acrobat 10.x versions prior to 10.1 are affected. \n\n Adobe has released Security Bulletin APSB11-17, which describes\n multiple vulnerabilities affecting Adobe Shockwave Player. \n\n Adobe has released Security Bulletin APSB11-18, which describes\n multiple vulnerabilities affecting Adobe Flash Player. \n\n\nI. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Security Bulletin APSB11-17 describes a number of\n vulnerabilities affecting Adobe Shockwave Player. These\n vulnerabilities affect Shockwave Player 11.5.9.620 and earlier\n versions. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Shockwave content. Shockwave content is\n commonly hosted on a web page, but it can also be embedded in PDF\n and other documents or provided as a stand-alone file. \n\n Adobe Security Bulletin APSB11-18 describes a number of\n vulnerabilities affecting Adobe Flash Player. These vulnerabilities\n affect Flash Player 10.3.181.23 and earlier versions for Windows,\n Macintosh, Linux and Solaris operating systems. These\n vulnerabilities also affect Flash Player 10.3.185.23 and earlier\n versions for Android. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n If a user opens specially crafted Shockwave content, a remote\n attacker may be able to execute arbitrary code. \n\n If a user opens specially crafted Flash content, a remote attacker\n may be able to execute arbitrary code. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. \n\n Update Adobe Shockwave Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-17 and update\n vulnerable versions of Adobe Shockwave Player. \n\n Update Adobe Flash Player\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-18 and update\n vulnerable versions of Adobe Adobe Flash Player. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n GNU/Linux (locations may vary among distributions)\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript may prevent some exploits from resulting in\n code execution. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security update available for Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e\n\n * Adobe Reader and Acrobat JavaScript Blacklist Framework -\n \u003chttp://kb2.adobe.com/cps/504/cpsid_50431.html\u003e\n\n * Security update available for Adobe Flash Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e\n\n * Security update available for Adobe Shockwave Player -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA11-166A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-166A Feedback\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 15, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTfjkdz6pPKYJORa3AQL96Af/bfXjpbygssCruFOpIPCRkp2YprLJLjjc\nD+ydEKvBTLYUqm5QgUD99bKwcUjQvwbZRuQDM2hhb49+TeTQPWR3gKvSqasviAC9\nwu73HEw6I5ystOW/v0m+IglgbQH6qBr1VdycxOQf3z63sWbt4XafBpbY3t4klcfj\nWc9ysRAY0RbInH5oyxJrOZz68OFUJj+ZsJw7wvnC3kgd3r6Q92nEM0cAiuNxmk0l\n4g+HR0LuQRrgurAiX/zdAylByhOVmzBAqHhPk9pEdlf6XgEAhu/nSHrPa9jD+YKh\nDtDSf9ETAnsqjY7zjP1RdgjcUU1HbzU1Egs3LOy33zfHEzKZZJe2QA==\n=p3nZ\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\nJoin Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria\nSee to the presentation \"The Dynamics and Threats of End-Point Software Portfolios\" by Secunia\u0027s Research Analyst Director, Stefan Frei. \nRead more:\nhttp://conference.first.org/ \n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43269\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43269/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nRELEASE DATE:\n2011-06-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43269/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43269/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious people to conduct\ncross-site scripting attacks, disclose potentially sensitive\ninformation, bypass certain security restrictions, and compromise a\nuser\u0027s system. \n\n1) An error in 3difr.x3d due to the component trusting the provided\nstring length when processing certain files can be exploited to cause\na stack-based buffer overflow. \n\n2) An error in tesselate.x3d due to the component trusting the\nprovided string length when processing certain files can be exploited\nto cause a stack-based buffer overflow. \n\n3) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n4) An integer overflow error in ACE.dll when parsing the \"desc\" ICC\nchunk can be exploited to corrupt memory via a specially crafted PDF\nfile. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to corrupt memory. \n\n7) An error due to the application loading certain unspecified\nlibraries in an insecure manner can be exploited to load arbitrary\nlibraries by tricking a user into e.g. opening a file located on a\nremote WebDAV or SMB share. \n\n8) Certain unspecified input is not properly sanitised and can be\nexploited to execute arbitrary script code. \n\n10) An unspecified error can be exploited to corrupt memory. \n\n11) An unspecified error can be exploited to corrupt memory. \n\n12) An unspecified error can be exploited to corrupt memory. \n\n13) An unspecified error can be exploited to corrupt memory. \n\nSOLUTION:\nApply updates (please see the vendor\u0027s advisory for details). \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2) An anonymous person via ZDI. \n4) Secunia Research. \n\nThe vendor also credits:\n3, 6) Tarjei Mandt, Norman. \n5) Rodrigo Rubira Branco. \n7) Mila Parkour. \n8) Billy Rios, Google Security Team. \n9) Christian Navarrete, CubilFelino Security Research Lab. \n10) Tavis Ormandy, Google Security Team. \n11) Brett Gervasoni, Sense of Security. \n12) Will Dormann, CERT/CC. \n13) James Quirk, Los Alamos, New Mexico. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-16):\nhttp://www.adobe.com/support/security/bulletins/apsb11-16.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2011-41/\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-218/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-219/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2102"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "BID",
"id": "48253"
},
{
"db": "VULHUB",
"id": "VHN-50047"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2102",
"trust": 2.8
},
{
"db": "BID",
"id": "48253",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA11-166A",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025658",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43269",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "73064",
"trust": 1.1
},
{
"db": "USCERT",
"id": "SA11-166A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "17025",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-50047",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102327",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-218",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-219",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102309",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50047"
},
{
"db": "BID",
"id": "48253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"id": "VAR-201106-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50047"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:35:11.597000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"title": "APSB11-16 (cpsid_90735)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/907/cpsid_90735.html"
},
{
"title": "APSB11-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-16.html"
},
{
"title": "TLSA-2011-20",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-20j.txt"
},
{
"title": "TA11-166A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-166a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/48253"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html"
},
{
"trust": 1.4,
"url": "http://secunia.com/advisories/43269"
},
{
"trust": 1.1,
"url": "http://osvdb.org/73064"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14004"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025658"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68016"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2102"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-166a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2102"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id/1025658"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa11-166a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17025"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-166a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-18.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/"
},
{
"trust": 0.1,
"url": "http://conference.first.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43269/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-218/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-219/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2011-41/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43269"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50047"
},
{
"db": "BID",
"id": "48253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-50047"
},
{
"db": "BID",
"id": "48253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"db": "PACKETSTORM",
"id": "102327"
},
{
"db": "PACKETSTORM",
"id": "102309"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-50047"
},
{
"date": "2011-06-14T00:00:00",
"db": "BID",
"id": "48253"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"date": "2011-06-16T10:27:51",
"db": "PACKETSTORM",
"id": "102327"
},
{
"date": "2011-06-16T02:14:44",
"db": "PACKETSTORM",
"id": "102309"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"date": "2011-06-16T23:55:01.870000",
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-50047"
},
{
"date": "2011-06-14T00:00:00",
"db": "BID",
"id": "48253"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001787"
},
{
"date": "2011-06-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-136"
},
{
"date": "2017-09-19T01:32:53.693000",
"db": "NVD",
"id": "CVE-2011-2102"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-136"
}
],
"trust": 0.6
}
}
var-201412-0494
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159. This vulnerability CVE-2014-8457 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0494",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71579"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team.",
"sources": [
{
"db": "BID",
"id": "71579"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8460",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8460",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76405",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8460",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8460",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-235",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76405",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76405"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159. This vulnerability CVE-2014-8457 and CVE-2014-9159 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8460"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "BID",
"id": "71579"
},
{
"db": "VULHUB",
"id": "VHN-76405"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8460",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235",
"trust": 0.7
},
{
"db": "BID",
"id": "71579",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76405",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76405"
},
{
"db": "BID",
"id": "71579"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"id": "VAR-201412-0494",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76405"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:34:00.223000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76405"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8460"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8460"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76405"
},
{
"db": "BID",
"id": "71579"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76405"
},
{
"db": "BID",
"id": "71579"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76405"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71579"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"date": "2014-12-10T21:59:30.790000",
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76405"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71579"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005935"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-235"
},
{
"date": "2014-12-12T01:36:58.823000",
"db": "NVD",
"id": "CVE-2014-8460"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005935"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-235"
}
],
"trust": 0.6
}
}
var-201412-0499
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "71561"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8445",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8445",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76390",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8445",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8445",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-221",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76390",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76390"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8445"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "BID",
"id": "71561"
},
{
"db": "VULHUB",
"id": "VHN-76390"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8445",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221",
"trust": 0.7
},
{
"db": "BID",
"id": "71561",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76390",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76390"
},
{
"db": "BID",
"id": "71561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"id": "VAR-201412-0499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76390"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:40:14.197000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76390"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8445"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8445"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76390"
},
{
"db": "BID",
"id": "71561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76390"
},
{
"db": "BID",
"id": "71561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76390"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71561"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"date": "2014-12-10T21:59:18.337000",
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76390"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71561"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005921"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-221"
},
{
"date": "2014-12-12T00:43:44.443000",
"db": "NVD",
"id": "CVE-2014-8445"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005921"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-221"
}
],
"trust": 0.6
}
}
var-201601-0598
Vulnerability from variot
Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0940 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of OCG objects. A specially crafted PDF with a specific OCG action can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the OCG object implementation of several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0598",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0937",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0937",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88447",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0937",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0937",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-0937",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-237",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88447",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "VULHUB",
"id": "VHN-88447"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0940 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of OCG objects. A specially crafted PDF with a specific OCG action can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the OCG object implementation of several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "VULHUB",
"id": "VHN-88447"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0937",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-011",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3312",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-008",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-016",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-010",
"trust": 0.3
},
{
"db": "BID",
"id": "80358",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88447",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "VULHUB",
"id": "VHN-88447"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"id": "VAR-201601-0598",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88447"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59584"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-011"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0937"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0937"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-008/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-010/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-011/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-016/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "VULHUB",
"id": "VHN-88447"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"db": "VULHUB",
"id": "VHN-88447"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88447"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"date": "2016-01-14T05:59:06.157000",
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-011"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88447"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001039"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-237"
},
{
"date": "2016-12-07T23:43:53.007000",
"db": "NVD",
"id": "CVE-2016-0937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of OCG Vulnerability in arbitrary code execution in object implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001039"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-237"
}
],
"trust": 0.6
}
}
var-201405-0212
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The vulnerability stems from the program's incorrect implementation of JavaScript APIs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67363"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "G\u00e1bor Moln\u00e1r of Ukatemi",
"sources": [
{
"db": "BID",
"id": "67363"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0521",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-68014",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0521",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-0521",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-246",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-68014",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0521",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The vulnerability stems from the program\u0027s incorrect implementation of JavaScript APIs",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0521"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "BID",
"id": "67363"
},
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "VULMON",
"id": "CVE-2014-0521"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0521",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246",
"trust": 0.7
},
{
"db": "BID",
"id": "67363",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-68014",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0521",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"db": "BID",
"id": "67363"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"id": "VAR-201405-0212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68014"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:14:11.628000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
},
{
"title": "AdbeRdrUpd11007_MUI",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49944"
},
{
"title": "AcrobatUpd11007",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49948"
},
{
"title": "AdbeRdrUpd10110",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49943"
},
{
"title": "AcrobatUpd10110",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49947"
},
{
"title": "AdbeRdrUpd10110_MUI",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49942"
},
{
"title": "cve-2014-0521",
"trust": 0.1,
"url": "https://github.com/molnarg/cve-2014-0521 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0521"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0521"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/molnarg/cve-2014-0521"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/67363"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"db": "BID",
"id": "67363"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68014"
},
{
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"db": "BID",
"id": "67363"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68014"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67363"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"date": "2014-05-14T11:13:05.070000",
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68014"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0521"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67363"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002481"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-246"
},
{
"date": "2014-05-14T13:23:15.133000",
"db": "NVD",
"id": "CVE-2014-0521"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002481"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-246"
}
],
"trust": 0.6
}
}
var-201510-0336
Vulnerability from variot
The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewCloseDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewCloseDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0336",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6719",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6719",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6719",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84680",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6719",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6719",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6719",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-232",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84680",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "VULHUB",
"id": "VHN-84680"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBSharedReviewCloseDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBSharedReviewCloseDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6719"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84680"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6719",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-504",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3088",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84680",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "VULHUB",
"id": "VHN-84680"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"id": "VAR-201510-0336",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84680"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.188000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58081"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84680"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-504"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6719"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6719"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "VULHUB",
"id": "VHN-84680"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"db": "VULHUB",
"id": "VHN-84680"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84680"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"date": "2015-10-14T23:59:40.680000",
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-504"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84680"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005276"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-232"
},
{
"date": "2021-09-08T17:19:32.313000",
"db": "NVD",
"id": "CVE-2015-6719"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBSharedReviewCloseDialog In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005276"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-232"
}
],
"trust": 0.6
}
}
var-201505-0307
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Fields. A specially crafted PDF with specific Fields embedded can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0307",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3055",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3055",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-3055",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3055",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81016",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3055",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3055",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3055",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-168",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-81016",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "VULHUB",
"id": "VHN-81016"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3059 ,and CVE-2015-3075 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Fields. A specially crafted PDF with specific Fields embedded can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3055"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "VULHUB",
"id": "VHN-81016"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3055",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-213",
"trust": 1.8
},
{
"db": "BID",
"id": "74602",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2733",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81016",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "VULHUB",
"id": "VHN-81016"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"id": "VAR-201505-0307",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81016"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.470000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81016"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74602"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-213"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3055"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3055"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "VULHUB",
"id": "VHN-81016"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"db": "VULHUB",
"id": "VHN-81016"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81016"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"date": "2015-05-13T10:59:51.077000",
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-213"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81016"
},
{
"date": "2015-05-15T00:10:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002633"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-168"
},
{
"date": "2017-01-05T20:03:01.753000",
"db": "NVD",
"id": "CVE-2015-3055"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-168"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002633"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
}
}
var-201505-0291
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors. This vulnerability allows remote attackers to leak memory addresses from Spell.api on vulnerable installations of Adobe Acrobat Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Spell object. By creating and exporting a custom dictionary, it is possible to leak memory addresses from Spell.api. An attacker can leverage this vulnerability to disclose arbitrary memory. Adobe Acrobat and Reader are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat pro",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "BID",
"id": "74618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3058",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3058",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-81019",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3058",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-3058",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-3058",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-171",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-81019",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "VULHUB",
"id": "VHN-81019"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors. This vulnerability allows remote attackers to leak memory addresses from Spell.api on vulnerable installations of Adobe Acrobat Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Spell object. By creating and exporting a custom dictionary, it is possible to leak memory addresses from Spell.api. An attacker can leverage this vulnerability to disclose arbitrary memory. Adobe Acrobat and Reader are prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3058"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "BID",
"id": "74618"
},
{
"db": "VULHUB",
"id": "VHN-81019"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3058",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-211",
"trust": 2.1
},
{
"db": "BID",
"id": "74618",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2706",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81019",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "VULHUB",
"id": "VHN-81019"
},
{
"db": "BID",
"id": "74618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"id": "VAR-201505-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81019"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:07.029000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81019"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74618"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-211"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3058"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3058"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-211/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "VULHUB",
"id": "VHN-81019"
},
{
"db": "BID",
"id": "74618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"db": "VULHUB",
"id": "VHN-81019"
},
{
"db": "BID",
"id": "74618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81019"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74618"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"date": "2015-05-13T10:59:53.747000",
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-211"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81019"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74618"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002636"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-171"
},
{
"date": "2017-01-03T19:38:49.307000",
"db": "NVD",
"id": "CVE-2015-3058"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability in which important information is obtained from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002636"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-171"
}
],
"trust": 0.6
}
}
var-201401-0370
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201401-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.06)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.9)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.06)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.9)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "64802"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0493",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0493",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-67986",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0493",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0493",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201401-335",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-67986",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0493",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0493"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "BID",
"id": "64802"
},
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "VULMON",
"id": "CVE-2014-0493"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0493",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1029604",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "56303",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335",
"trust": 0.6
},
{
"db": "BID",
"id": "64802",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-67986",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0493",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"db": "BID",
"id": "64802"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"id": "VAR-201401-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67986"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:48:18.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-01",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"
},
{
"title": "APSB14-01",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/acrobat/apsb14-01.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140116.html"
},
{
"title": "AdbeRdrUpd11006",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47547"
},
{
"title": "AcrobatUpd1019",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47550"
},
{
"title": "AcrobatUpd11006",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47549"
},
{
"title": "AdbeRdrUpd1019",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47548"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/adobes-first-patch-tuesday-of-2014/58211/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-updates-security-for-flash-reader-acrobat/103613/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1029604"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0493"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140115-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0493"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=12878"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56303"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/support/downloads/product.jsp?product=10\u0026platform=macintosh"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/support/downloads/product.jsp?product=10\u0026platform=windows"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.3,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-01.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/64802"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=32433"
},
{
"trust": 0.1,
"url": "https://threatpost.com/adobe-updates-security-for-flash-reader-acrobat/103613/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"db": "BID",
"id": "64802"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67986"
},
{
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"db": "BID",
"id": "64802"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-67986"
},
{
"date": "2014-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"date": "2014-01-14T00:00:00",
"db": "BID",
"id": "64802"
},
{
"date": "2014-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"date": "2014-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"date": "2014-01-15T16:13:04.057000",
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67986"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0493"
},
{
"date": "2014-01-14T00:00:00",
"db": "BID",
"id": "64802"
},
{
"date": "2014-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001181"
},
{
"date": "2014-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201401-335"
},
{
"date": "2018-12-13T15:50:24.087000",
"db": "NVD",
"id": "CVE-2014-0493"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001181"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201401-335"
}
],
"trust": 0.6
}
}
var-201004-0121
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0199 and CVE-2010-0202 Is a different vulnerability.An attacker could execute arbitrary code. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit with DEP bypass have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V.
VI. CREDIT
The vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/0873 http://www.adobe.com/support/security/bulletins/apsb10-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203
IX. DISCLOSURE TIMELINE
2010-03-16 - Vendor notified 2010-03-16 - Vendor response 2010-04-07 - Status update received 2010-04-13 - Coordinated public Disclosure
.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0203",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42808",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0203",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0203",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-256",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42808",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0199 and CVE-2010-0202 Is a different vulnerability.An attacker could execute arbitrary code. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n-----------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit with DEP bypass have been released by VUPEN through the\nVUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThe vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n--------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0873\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2010-03-16 - Vendor notified\n2010-03-16 - Vendor response\n2010-04-07 - Status update received\n2010-04-13 - Coordinated public Disclosure\n\n\n. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0203"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "PACKETSTORM",
"id": "88445"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42808",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0203",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39507",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88445",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42808",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "PACKETSTORM",
"id": "88445"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"id": "VAR-201004-0121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:38:37.917000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7494"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0203"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39507"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/510742"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "PACKETSTORM",
"id": "88445"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42808"
},
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"db": "PACKETSTORM",
"id": "88445"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42808"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39507"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"date": "2010-04-16T02:27:08",
"db": "PACKETSTORM",
"id": "88445"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"date": "2010-04-14T16:00:01.337000",
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42808"
},
{
"date": "2015-03-19T09:24:00",
"db": "BID",
"id": "39507"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001358"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-256"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39507"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001358"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-256"
}
],
"trust": 0.6
}
}
var-201409-0438
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to crash the affected application. The following products are affected: Adobe Reader 11.x versions prior to 11.0.09 Adobe Reader 10.x versions prior to 10.1.12 Adobe Acrobat 11.x versions prior to 11.0.09 Adobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0438",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University.",
"sources": [
{
"db": "BID",
"id": "69826"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0563",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-68056",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0563",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0563",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-582",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-68056",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68056"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to crash the affected application. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.09\nAdobe Reader 10.x versions prior to 10.1.12\nAdobe Acrobat 11.x versions prior to 11.0.09\nAdobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0563"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "BID",
"id": "69826"
},
{
"db": "VULHUB",
"id": "VHN-68056"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0563",
"trust": 2.8
},
{
"db": "BID",
"id": "69826",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68056",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68056"
},
{
"db": "BID",
"id": "69826"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"id": "VAR-201409-0438",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68056"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:52.474000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68056"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69826"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95998"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0563"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0563"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68056"
},
{
"db": "BID",
"id": "69826"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68056"
},
{
"db": "BID",
"id": "69826"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68056"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69826"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"date": "2014-09-17T10:55:06.730000",
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68056"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69826"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004242"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-582"
},
{
"date": "2017-08-29T01:34:12.590000",
"db": "NVD",
"id": "CVE-2014-0563"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004242"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-582"
}
],
"trust": 0.6
}
}
var-201405-0216
Vulnerability from variot
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. A security vulnerability exists in the APIs of Adobe Reader and Acrobat on Windows and OS X platforms. The vulnerability stems from the program not properly preventing access to unmapped memory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0216",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67365"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yuki Chen of Trend Micro",
"sources": [
{
"db": "BID",
"id": "67365"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0525",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0525",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68018",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0525",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0525",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68018",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68018"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. A security vulnerability exists in the APIs of Adobe Reader and Acrobat on Windows and OS X platforms. The vulnerability stems from the program not properly preventing access to unmapped memory",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0525"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "BID",
"id": "67365"
},
{
"db": "VULHUB",
"id": "VHN-68018"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0525",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250",
"trust": 0.7
},
{
"db": "BID",
"id": "67365",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68018",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68018"
},
{
"db": "BID",
"id": "67365"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"id": "VAR-201405-0216",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68018"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:24:15.735000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
},
{
"title": "AdbeRdrUpd11007",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49945"
},
{
"title": "AcrobatUpd11007",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49949"
},
{
"title": "AdbeRdrUpd11007_MUI",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49944"
},
{
"title": "AcrobatUpd11007",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49948"
},
{
"title": "AdbeRdrUpd10110",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49943"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68018"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0525"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0525"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.3,
"url": "http://helpx.adobe.com/security/products/acrobat/apsb14-15.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68018"
},
{
"db": "BID",
"id": "67365"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68018"
},
{
"db": "BID",
"id": "67365"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68018"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67365"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"date": "2014-05-14T11:13:05.333000",
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68018"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67365"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002485"
},
{
"date": "2014-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-250"
},
{
"date": "2014-05-14T14:45:03.820000",
"db": "NVD",
"id": "CVE-2014-0525"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of API Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002485"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-250"
}
],
"trust": 0.6
}
}
var-201006-1193
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object's deletion, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities. Attackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. The following individual records exist to better document the issues: 41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability 41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability 41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability 41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability 41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability 41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability 41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability 41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability 41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability 41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability 41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability 41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability 41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability 41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability 41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1193",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41244"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "41244"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2208",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2208",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44813",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2208",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2208",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-486",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44813",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object\u0027s deletion, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. The following individual records exist to better document the issues:\n41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability\n41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability\n41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability\n41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability\n41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability\n41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability\n41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability\n41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability\n41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability\n41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability\n41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability\n41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability\n41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability\n41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability\n41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2208"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41244"
},
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2208",
"trust": 2.9
},
{
"db": "BID",
"id": "41244",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44813",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41244"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"id": "VAR-201006-1193",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44813"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T21:49:02.432000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/41244"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7188"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2208"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41244"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44813"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41244"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44813"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41244"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"date": "2010-06-30T18:30:01.723000",
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44813"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2015-03-19T08:37:00",
"db": "BID",
"id": "41244"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001714"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-486"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2208"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-486"
}
],
"trust": 0.6
}
}
var-201601-0595
Vulnerability from variot
Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. This vulnerability is CVE-2016-0932 , CVE-2016-0937 , CVE-2016-0940 ,and CVE-2016-0941 This is a different vulnerability. Supplementary information : CWE Vulnerability types by CWE-416: Use-after-free ( Using freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlDepending on the attacker, multiple layers PDF Arbitrary code could be executed via documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. A specially crafted PDF with multiple layers can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. A use-after-free vulnerability exists in the AGM.dll file of several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0595",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classical 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classical 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kdot",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0934",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0934",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88444",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0934",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0934",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0934",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0934",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-234",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88444",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "VULHUB",
"id": "VHN-88444"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941. This vulnerability is CVE-2016-0932 , CVE-2016-0937 , CVE-2016-0940 ,and CVE-2016-0941 This is a different vulnerability. Supplementary information : CWE Vulnerability types by CWE-416: Use-after-free ( Using freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlDepending on the attacker, multiple layers PDF Arbitrary code could be executed via documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. A specially crafted PDF with multiple layers can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. A use-after-free vulnerability exists in the AGM.dll file of several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0934"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "VULHUB",
"id": "VHN-88444"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0934",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-016",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3250",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-011",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-008",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-010",
"trust": 0.3
},
{
"db": "BID",
"id": "80358",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88444",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "VULHUB",
"id": "VHN-88444"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"id": "VAR-201601-0595",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88444"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59581"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-016"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0934"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0934"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-008/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-010/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-011/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-016/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "VULHUB",
"id": "VHN-88444"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"db": "VULHUB",
"id": "VHN-88444"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88444"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"date": "2016-01-14T05:59:03.203000",
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-016"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88444"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001036"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-234"
},
{
"date": "2016-12-07T23:43:14.157000",
"db": "NVD",
"id": "CVE-2016-0934"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of AGM.dll Vulnerabilities in arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001036"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-234"
}
],
"trust": 0.6
}
}
var-201208-0433
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0433",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55013"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55013"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4152",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4152",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57433",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4152",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4152",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-251",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57433",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4152"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "BID",
"id": "55013"
},
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4152",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20341",
"trust": 0.6
},
{
"db": "BID",
"id": "55013",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "BID",
"id": "55013"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"id": "VAR-201208-0433",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57433"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:46:30.053000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15501"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4152"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4152"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20341"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "BID",
"id": "55013"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57433"
},
{
"db": "BID",
"id": "55013"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57433"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55013"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"date": "2012-08-15T10:31:41.397000",
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57433"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55013"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003640"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-251"
},
{
"date": "2017-09-19T01:35:16.793000",
"db": "NVD",
"id": "CVE-2012-4152"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003640"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-251"
}
],
"trust": 0.6
}
}
var-201601-0597
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDFs that contain embedded JPEG2000 files. The issue lies in the failure to ensure that indexes are within the bounds of an allocated buffer. An attacker could leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0597",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaanus Kp Clarified Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0936",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0936",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88446",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0936",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0936",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0936",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-0936",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-236",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88446",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "VULHUB",
"id": "VHN-88446"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDFs that contain embedded JPEG2000 files. The issue lies in the failure to ensure that indexes are within the bounds of an allocated buffer. An attacker could leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0936"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88446"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0936",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3254",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88446",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "VULHUB",
"id": "VHN-88446"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"id": "VAR-201601-0597",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88446"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.860000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59583"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88446"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-014"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0936"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0936"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "VULHUB",
"id": "VHN-88446"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"db": "VULHUB",
"id": "VHN-88446"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88446"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"date": "2016-01-14T05:59:05.233000",
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-014"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88446"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001038"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-236"
},
{
"date": "2016-12-07T23:42:29.777000",
"db": "NVD",
"id": "CVE-2016-0936"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001038"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-236"
}
],
"trust": 0.6
}
}
var-201510-0041
Vulnerability from variot
The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANVerifyComments method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANVerifyComments method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7616",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7616",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7616",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85577",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7616",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7616",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7616",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-241",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85577",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "VULHUB",
"id": "VHN-85577"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANVerifyComments method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANVerifyComments method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7616"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85577"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7616",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-494",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3073",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85577",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "VULHUB",
"id": "VHN-85577"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"id": "VAR-201510-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85577"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.405000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58090"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85577"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-494"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7616"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7616"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "VULHUB",
"id": "VHN-85577"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"db": "VULHUB",
"id": "VHN-85577"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85577"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"date": "2015-10-14T23:59:49.997000",
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-494"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-85577"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005295"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-241"
},
{
"date": "2021-09-08T17:19:32.520000",
"db": "NVD",
"id": "CVE-2015-7616"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANVerifyComments In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005295"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-241"
}
],
"trust": 0.6
}
}
var-201004-0120
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0199 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit with DEP bypass have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V.
VI. CREDIT
The vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/0873 http://www.adobe.com/support/security/bulletins/apsb10-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202
IX. DISCLOSURE TIMELINE
2010-03-16 - Vendor notified 2010-03-16 - Vendor response 2010-04-07 - Status update received 2010-04-13 - Coordinated public Disclosure
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0202",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0202",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42807",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0202",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0202",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-255",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42807",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0199 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit with DEP bypass have been released by VUPEN through the\nVUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThe vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0873\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2010-03-16 - Vendor notified\n2010-03-16 - Vendor response\n2010-04-07 - Status update received\n2010-04-13 - Coordinated public Disclosure\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0202"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88446"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42807",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0202",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39514",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88446",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88446"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"id": "VAR-201004-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:22:19.944000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6733"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0202"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39514"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/510754"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88446"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42807"
},
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88446"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42807"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39514"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-04-16T02:28:25",
"db": "PACKETSTORM",
"id": "88446"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"date": "2010-04-14T16:00:01.273000",
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42807"
},
{
"date": "2015-03-19T09:22:00",
"db": "BID",
"id": "39514"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001357"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-255"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39514"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001357"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-255"
}
],
"trust": 0.6
}
}
var-201102-0061
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0596 , CVE-2011-0598 and CVE-2011-0599 Is a different vulnerability.A third party may execute arbitrary code through the image.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. BACKGROUND
Adobe Reader/Acrobat is a Portable Document Format Viewer (PDF). For more information, see the vendor's site found at the following link.
http://www.adobe.com/products/reader/
II.
JPEG2000 (JP2K) is an image file format similar to JPEG. In addition to JPEG markers, JP2K files also provide "boxes" that define different image properties. Several different JP2K record types are involved in the vulnerability. It is possible to increment a buffer index beyond the allocated data, and store pointers to file data at that location. This can result in the corruption of heap structures and application data, which leads to the execution of arbitrary code.
III. ANALYSIS
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the user viewing the web page or opening the file. Since PDF files can be embedded into web pages and parsed without interaction by default, this vulnerability can be exploited as a typical browser vulnerability. To exploit this vulnerability, a targeted user must load a malicious webpage created by an attacker. An attacker typically accomplishes this via social engineering or injecting content into compromised, trusted sites. After the user visits the malicious web page, no further user interaction is needed.
IV. A full list of vulnerable Adobe products can be found in Adobe Security Bulletin APSB11-03.
V. WORKAROUND
Disabling the web view mode of Adobe Reader will prevent exploitation through the browser.
VI. VENDOR RESPONSE
Adobe has addressed this issue with an update. Further details and patches can be found at the following URL.
http://www.adobe.com/support/security/bulletins/apsb11-03.html
VII. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
11/17/2010 Initial Vendor Notification 11/17/2010 Initial Vendor Reply 02/08/2011 Coordinated Public Disclosure
IX.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2011 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46221"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sean Larsson through iDefense",
"sources": [
{
"db": "BID",
"id": "46221"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0602",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0602",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48547",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0602",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0602",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-135",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48547",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0602",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0596 , CVE-2011-0598 and CVE-2011-0599 Is a different vulnerability.A third party may execute arbitrary code through the image. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. BACKGROUND\n\nAdobe Reader/Acrobat is a Portable Document Format Viewer (PDF). For\nmore information, see the vendor\u0027s site found at the following link. \n\nhttp://www.adobe.com/products/reader/\n\nII. \n\nJPEG2000 (JP2K) is an image file format similar to JPEG. In addition to\nJPEG markers, JP2K files also provide \"boxes\" that define different\nimage properties. Several different JP2K record types are involved in the\nvulnerability. It is possible to increment a buffer index beyond the\nallocated data, and store pointers to file data at that location. This\ncan result in the corruption of heap structures and application data,\nwhich leads to the execution of arbitrary code. \n\nIII. ANALYSIS\n\nExploitation of this vulnerability results in the execution of arbitrary\ncode with the privileges of the user viewing the web page or opening the\nfile. Since PDF files can be embedded into web pages and parsed without\ninteraction by default, this vulnerability can be exploited as a\ntypical browser vulnerability. To exploit this vulnerability, a\ntargeted user must load a malicious webpage created by an attacker. An\nattacker typically accomplishes this via social engineering or\ninjecting content into compromised, trusted sites. After the user\nvisits the malicious web page, no further user interaction is needed. \n\nIV. A full list of vulnerable\nAdobe products can be found in Adobe Security Bulletin APSB11-03. \n\nV. WORKAROUND\n\nDisabling the web view mode of Adobe Reader will prevent exploitation\nthrough the browser. \n\nVI. VENDOR RESPONSE\n\nAdobe has addressed this issue with an update. Further details and\npatches can be found at the following URL. \n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\nVII. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n11/17/2010 Initial Vendor Notification\n11/17/2010 Initial Vendor Reply\n02/08/2011 Coordinated Public Disclosure\n\nIX. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2011 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0602"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "BID",
"id": "46221"
},
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98325"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48547",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0602",
"trust": 3.1
},
{
"db": "BID",
"id": "46221",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98325",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48547",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0602",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "BID",
"id": "46221"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98325"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"id": "VAR-201102-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:32:52.994000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/46221"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.6,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12562"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0602"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0602"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/516319"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "BID",
"id": "46221"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98325"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48547"
},
{
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"db": "BID",
"id": "46221"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98325"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48547"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46221"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T12:22:22",
"db": "PACKETSTORM",
"id": "98325"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"date": "2011-02-10T18:00:58.880000",
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48547"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0602"
},
{
"date": "2015-03-19T09:16:00",
"db": "BID",
"id": "46221"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001212"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-135"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0602"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98325"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001212"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-135"
}
],
"trust": 0.6
}
}
var-201505-0313
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AFExactMatch method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Simon Zuckerbraun - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3062",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3062",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3062",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81023",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3062",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3062",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3062",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-175",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81023",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "VULHUB",
"id": "VHN-81023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the AFExactMatch method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3062"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81023"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3062",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-207",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2703",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81023",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "VULHUB",
"id": "VHN-81023"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"id": "VAR-201505-0313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81023"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:07.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81023"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-207"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3062"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3062"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "VULHUB",
"id": "VHN-81023"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"db": "VULHUB",
"id": "VHN-81023"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81023"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"date": "2015-05-13T10:59:57.247000",
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-207"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81023"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002640"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-175"
},
{
"date": "2017-01-05T19:53:36.553000",
"db": "NVD",
"id": "CVE-2015-3062"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-175"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002640"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201208-0729
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0729",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55005"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55005"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2051",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-55332",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2051",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2051",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-245",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-55332",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-2051",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2051"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "BID",
"id": "55005"
},
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2051",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20345",
"trust": 0.6
},
{
"db": "BID",
"id": "55005",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-55332",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"db": "BID",
"id": "55005"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"id": "VAR-201208-0729",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55332"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:17:52.435000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16394"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2051"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2051"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20345"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"db": "BID",
"id": "55005"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-55332"
},
{
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"db": "BID",
"id": "55005"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-55332"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55005"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"date": "2012-08-15T10:31:41.053000",
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-55332"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2051"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55005"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003634"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-245"
},
{
"date": "2017-09-19T01:34:56.433000",
"db": "NVD",
"id": "CVE-2012-2051"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003634"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-245"
}
],
"trust": 0.6
}
}
var-201601-0596
Vulnerability from variot
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlCrafted by attackers ExtGState Arbitrary code may be executed through the dictionary. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the ExtGState dictionary within PDFs. The issue lies in the processing of malformed dictionaries leading to a double free. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0596",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kdot",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0935",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0935",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88445",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0935",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0935",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0935",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0935",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-235",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88445",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "VULHUB",
"id": "VHN-88445"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlCrafted by attackers ExtGState Arbitrary code may be executed through the dictionary. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the ExtGState dictionary within PDFs. The issue lies in the processing of malformed dictionaries leading to a double free. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0935"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "BID",
"id": "80363"
},
{
"db": "VULHUB",
"id": "VHN-88445"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0935",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-017",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3273",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235",
"trust": 0.7
},
{
"db": "BID",
"id": "80363",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-88445",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "VULHUB",
"id": "VHN-88445"
},
{
"db": "BID",
"id": "80363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"id": "VAR-201601-0596",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88445"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:58.072000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product double release vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59582"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-017"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0935"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0935"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-017/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "VULHUB",
"id": "VHN-88445"
},
{
"db": "BID",
"id": "80363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"db": "VULHUB",
"id": "VHN-88445"
},
{
"db": "BID",
"id": "80363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88445"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80363"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"date": "2016-01-14T05:59:04.343000",
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-017"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88445"
},
{
"date": "2016-02-02T20:26:00",
"db": "BID",
"id": "80363"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001037"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-235"
},
{
"date": "2016-12-07T23:41:23.657000",
"db": "NVD",
"id": "CVE-2016-0935"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Memory double free vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001037"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-235"
}
],
"trust": 0.6
}
}
var-201006-1213
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41242"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "41242"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2210",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44815",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2210",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2210",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-488",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44815",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2210",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. ring). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2210"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "BID",
"id": "41242"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2210",
"trust": 3.0
},
{
"db": "BID",
"id": "41242",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44815",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "BID",
"id": "41242"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"id": "VAR-201006-1213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44815"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T21:52:06.401000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41242"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6929"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2210"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "BID",
"id": "41242"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44815"
},
{
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"db": "BID",
"id": "41242"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44815"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41242"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"date": "2010-06-30T18:30:01.770000",
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44815"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2210"
},
{
"date": "2015-03-19T08:11:00",
"db": "BID",
"id": "41242"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001716"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-488"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2210"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-488"
}
],
"trust": 0.6
}
}
var-201102-0075
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's implementation of an image format supported by the Universal 3D compressed file format. When parsing a particular texture file specified by the format, the application will explicitly trust fields within the file in a multiply used to allocate space for the image data. Due to the application not accommodating for the result being larger than the architecture is able to store, the application will under allocate a buffer. When writing image data to this buffer the application will write outside the boundary of the allocation. This can lead to code execution under the context of the application.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-09-22 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
18) An input validation error when parsing fonts may allow code execution.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "BID",
"id": "46208"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Vreugdenhil ( http://vreugdenhilresearch.nl )",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
}
],
"trust": 1.4
},
"cve": "CVE-2011-0590",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0590",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0590",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0590",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48535",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "CVE-2011-0590",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0590",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0590",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-145",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48535",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600. Adobe Reader and Acrobat Contains a vulnerability that allows arbitrary code execution. This vulnerability CVE-2011-0591 , CVE-2011-0592 , CVE-2011-0593 , CVE-2011-0595 and CVE-2011-0600 Is a different vulnerability.By a third party 3D An arbitrary code may be executed via the file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application\u0027s implementation of an image format supported by the Universal 3D compressed file format. When parsing a particular texture file specified by the format, the application will explicitly trust fields within the file in a multiply used to allocate space for the image data. Due to the application not accommodating for the result being larger than the architecture is able to store, the application will under allocate a buffer. When writing image data to this buffer the application will write outside the boundary of the allocation. This can lead to code execution under the context of the application. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-09-22 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Peter Vreugdenhil ( http://vreugdenhilresearch.nl )\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0590"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "BID",
"id": "46208"
},
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "PACKETSTORM",
"id": "98274"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98298"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48535",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48535"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0590",
"trust": 4.5
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 1.2
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "BID",
"id": "46208",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-897",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-899",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98274",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "98298",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "BID",
"id": "46208"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "PACKETSTORM",
"id": "98274"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98298"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"id": "VAR-201102-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48535"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:05:00.475000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12621"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0590"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0590"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/46208"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.2,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.2,
"url": "http://vreugdenhilresearch.nl"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.2,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "BID",
"id": "46208"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "PACKETSTORM",
"id": "98274"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98298"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"db": "VULHUB",
"id": "VHN-48535"
},
{
"db": "BID",
"id": "46208"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"db": "PACKETSTORM",
"id": "98274"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98298"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48535"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46208"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"date": "2011-02-08T22:27:58",
"db": "PACKETSTORM",
"id": "98274"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T23:50:00",
"db": "PACKETSTORM",
"id": "98298"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"date": "2011-02-10T18:00:58.410000",
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-077"
},
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-066"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48535"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "46208"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001202"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-145"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0590"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98274"
},
{
"db": "PACKETSTORM",
"id": "98298"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001202"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-145"
}
],
"trust": 0.6
}
}
var-201510-0046
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted U3D object, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7617. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 ,and CVE-2015-7617 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers U3D Arbitrary code may be executed through the object. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of U3D objects. A specially crafted U3D object can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0046",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kdot",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7621",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7621",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85582",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7621",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7621",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7621",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-246",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85582",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-7621",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted U3D object, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7617. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 ,and CVE-2015-7617 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers U3D Arbitrary code may be executed through the object. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of U3D objects. A specially crafted U3D object can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7621"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "VULMON",
"id": "CVE-2015-7621"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7621",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3101",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246",
"trust": 0.7
},
{
"db": "BID",
"id": "77064",
"trust": 0.4
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85582",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7621",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"id": "VAR-201510-0046",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85582"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.872000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58095"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7621"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7621"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/77064"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41495"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"db": "VULHUB",
"id": "VHN-85582"
},
{
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85582"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"date": "2015-10-14T23:59:54.823000",
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-508"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85582"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7621"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005299"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-246"
},
{
"date": "2021-09-08T17:19:32.633000",
"db": "NVD",
"id": "CVE-2015-7621"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005299"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-246"
}
],
"trust": 0.6
}
}
var-201102-0062
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0566 and CVE-2011-0567 Is a different vulnerability.A third party may execute arbitrary code through the image. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0062",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46222"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann of CERT",
"sources": [
{
"db": "BID",
"id": "46222"
}
],
"trust": 0.3
},
"cve": "CVE-2011-0603",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0603",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48548",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0603",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0603",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-134",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48548",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0566 and CVE-2011-0567 Is a different vulnerability.A third party may execute arbitrary code through the image. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0603"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "BID",
"id": "46222"
},
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0603",
"trust": 2.9
},
{
"db": "BID",
"id": "46222",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65306",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-48548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "BID",
"id": "46222"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"id": "VAR-201102-0062",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48548"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:09:04.115000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46222"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12492"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65306"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0603"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65306"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0603"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "BID",
"id": "46222"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48548"
},
{
"db": "BID",
"id": "46222"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48548"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46222"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"date": "2011-02-10T18:00:58.927000",
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48548"
},
{
"date": "2015-03-19T09:13:00",
"db": "BID",
"id": "46222"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001213"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-134"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0603"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001213"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-134"
}
],
"trust": 0.6
}
}
var-201112-0089
Vulnerability from variot
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Adobe Reader and Acrobat of PRC Component can be executed arbitrary code or denial of service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. There are unidentified security vulnerabilities in PRC components in multiple versions of Adobe. A remote attacker can cause a denial of service (memory corruption) with the help of an unknown vector. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2012:0011-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html Issue date: 2012-01-10 CVE Names: CVE-2011-2462 CVE-2011-4369 =====================================================================
- Summary:
Updated acroread packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF). These flaws are detailed on the Adobe security page APSB11-30, listed in the References section. Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Desktop version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: acroread-9.4.7-1.el4.i386.rpm acroread-plugin-9.4.7-1.el4.i386.rpm
x86_64: acroread-9.4.7-1.el4.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
x86_64: acroread-9.4.7-1.el5.i386.rpm acroread-plugin-9.4.7-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
x86_64: acroread-9.4.7-1.el6.i686.rpm acroread-plugin-9.4.7-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-2462.html https://www.redhat.com/security/data/cve/CVE-2011-4369.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-30.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
I. Description
Adobe Security Bulletin APSB11-30 and Adobe Security Advisory APSA11-04 describe a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.4.6 and earlier 9.x versions. These vulnerabilities also affect Reader X and Acrobat X 10.1.1 and earlier 10.x versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.
Adobe Reader X and Adobe Acrobat X will be patched in the next quarterly update scheduled for January 10, 2012.
II. Impact
These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.
III. Solution
Update Reader
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-30 and update vulnerable versions of Adobe Reader and Acrobat.
In addition to updating, please consider the following mitigations.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. Disabling these plugins will reduce functionality and will not protect against Flash content that is hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Remove or restrict access to 3difr.x3d
By removing or restricting access to the 3difr.x3d file, Adobe Reader and Acrobat will fail to render U3D content, which helps to mitigate this vulnerability. PDF documents that use the PRC format for 3D content will continue to function on Windows and Linux platforms.
To disable U3D support in Adobe Reader 9 on Microsoft Windows, delete or rename this file:
"%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d"
For Apple Mac OS X, delete or rename this directory:
"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"
For GNU/Linux, delete or rename this file (locations may vary among distributions):
"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d"
File locations may be different for Adobe Acrobat or other Adobe products or versions.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA11-350A Feedback VU#759307" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
December 16, 2011: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf ymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+ /p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ lL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO uuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg y7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ== =rKM4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201112-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.6 and 9.x previous version for macintosh"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.7 and 9.x previous version for windows"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.1) 10.x for windows and macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.6 and 9.x previous version for macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.7 and 9.x previous version for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.1) 10.x for windows and macintosh"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
}
],
"sources": [
{
"db": "BID",
"id": "51092"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lockheed Martin CIRT, MITRE and members of the Defense Security Information Exchange",
"sources": [
{
"db": "BID",
"id": "51092"
}
],
"trust": 0.3
},
"cve": "CVE-2011-4369",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-4369",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-52314",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-4369",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-4369",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-342",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-52314",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52314"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Adobe Reader and Acrobat of PRC Component can be executed arbitrary code or denial of service ( Memory corruption ) There is a vulnerability that becomes a condition.Arbitrary code is executed or service operation is interrupted by a third party ( Memory corruption ) There is a possibility of being put into a state. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. There are unidentified security vulnerabilities in PRC components in multiple versions of Adobe. A remote attacker can cause a denial of service (memory corruption) with the help of an unknown vector. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2012:0011-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0011.html\nIssue date: 2012-01-10\nCVE Names: CVE-2011-2462 CVE-2011-4369 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). These flaws are\ndetailed on the Adobe security page APSB11-30, listed in the References\nsection. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.7-1.el4.i386.rpm\nacroread-plugin-9.4.7-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.7-1.el5.i386.rpm\nacroread-plugin-9.4.7-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.7-1.el6.i686.rpm\nacroread-plugin-9.4.7-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2462.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-4369.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-30.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n\nI. Description\n\n Adobe Security Bulletin APSB11-30 and Adobe Security Advisory\n APSA11-04 describe a number of vulnerabilities affecting Adobe\n Reader and Acrobat. These vulnerabilities affect Reader and Acrobat\n 9.4.6 and earlier 9.x versions. These vulnerabilities also affect\n Reader X and Acrobat X 10.1.1 and earlier 10.x versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in, which can automatically open PDF documents hosted on a\n website, is available for multiple web browsers and operating\n systems. \n\n Adobe Reader X and Adobe Acrobat X will be patched in the next\n quarterly update scheduled for January 10, 2012. \n\n\nII. Impact\n\n These vulnerabilities could allow a remote attacker to execute\n arbitrary code, write arbitrary files or folders to the file\n system, escalate local privileges, or cause a denial of service on\n an affected system as the result of a user opening a malicious PDF\n file. \n\n\nIII. Solution\n\n Update Reader\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB11-30 and update\n vulnerable versions of Adobe Reader and Acrobat. \n\n In addition to updating, please consider the following mitigations. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content that is hosted on websites. Depending on the\n update schedule for products other than Flash Player, consider\n leaving Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript may prevent some exploits from resulting in\n code execution. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this framework may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Remove or restrict access to 3difr.x3d\n\n By removing or restricting access to the 3difr.x3d file, Adobe\n Reader and Acrobat will fail to render U3D content, which helps to\n mitigate this vulnerability. PDF documents that use the PRC format\n for 3D content will continue to function on Windows and Linux\n platforms. \n\n To disable U3D support in Adobe Reader 9 on Microsoft Windows,\n delete or rename this file:\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\plug_ins3d\\3difr.x3d\"\n\n For Apple Mac OS X, delete or rename this directory:\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n For GNU/Linux, delete or rename this file (locations may vary among\n distributions):\n\n \"/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products or versions. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-350A Feedback VU#759307\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n December 16, 2011: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTuuZnz/GkGVXE7GMAQIN8ggAjjQO8LOasl98uasGZW2J5SHfkKr675Mf\nymRzBagFqO9QuId2RvFG2b9nuq5zdqETsrcG1t668wtYLUhBaoLmFXPe/KsDQ9n+\n/p9PctVJFmJpV92S3kAHw+u4t1n/Aa/4IdK0oXNBDhkyXrp41F27LY+aQ8FWWuxZ\nlL4jXSUQ/gLgb6hOhLjRCsQtEhAcPbX/mPNxl6bACXZaOVZT88fz9M7JXryDiJWO\nuuFi3O2GT0Bd3fEsL57U/TSbq8SynadObMSj4/+Q1HmOHcD0L5gzd9/N4M3D1Emg\ny7aeUpgycY5eFefY3LVVkb7JkTUbEZHbuNHydFKIJDRlaXBAo+D0QQ==\n=rKM4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4369"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "BID",
"id": "51092"
},
{
"db": "VULHUB",
"id": "VHN-52314"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4369",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA11-350A",
"trust": 2.0
},
{
"db": "BID",
"id": "51092",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "18361",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-26083",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-52314",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "108558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#759307",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "107960",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52314"
},
{
"db": "BID",
"id": "51092"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"id": "VAR-201112-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-52314"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:25:55.498000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-30",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html"
},
{
"title": "APSB12-01",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"title": "cpsid_92703",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/927/cpsid_92703.html"
},
{
"title": "cpsid_92823",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/928/cpsid_92823.html"
},
{
"title": "APSB12-01",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-01.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120112.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-30.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html"
},
{
"trust": 1.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/51092"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14865"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2012-0011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4369"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20111208-adobe.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-350a/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4369"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/18361"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-4369.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0011.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-2462.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-30.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-350a.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/advisories/apsa11-04.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/759307\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52314"
},
{
"db": "BID",
"id": "51092"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-52314"
},
{
"db": "BID",
"id": "51092"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"db": "PACKETSTORM",
"id": "108558"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "PACKETSTORM",
"id": "107960"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-52314"
},
{
"date": "2011-12-16T00:00:00",
"db": "BID",
"id": "51092"
},
{
"date": "2011-12-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"date": "2012-01-11T07:30:45",
"db": "PACKETSTORM",
"id": "108558"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-12-17T00:27:48",
"db": "PACKETSTORM",
"id": "107960"
},
{
"date": "2011-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"date": "2011-12-16T19:55:00.987000",
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-52314"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "51092"
},
{
"date": "2012-01-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003414"
},
{
"date": "2011-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-342"
},
{
"date": "2017-09-19T01:34:25.527000",
"db": "NVD",
"id": "CVE-2011-4369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of PRC Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003414"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-342"
}
],
"trust": 0.6
}
}
var-201510-0372
Vulnerability from variot
The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendApprovalToAuthorEnabled method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendApprovalToAuthorEnabled method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0372",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6712",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6712",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6712",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84673",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6712",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6712",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6712",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-225",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84673",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "VULHUB",
"id": "VHN-84673"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendApprovalToAuthorEnabled method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendApprovalToAuthorEnabled method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6712"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84673"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6712",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-488",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3063",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84673",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "VULHUB",
"id": "VHN-84673"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"id": "VAR-201510-0372",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84673"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.565000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58074"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84673"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-488"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6712"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6712"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "VULHUB",
"id": "VHN-84673"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"db": "VULHUB",
"id": "VHN-84673"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84673"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"date": "2015-10-14T23:59:34.193000",
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-488"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84673"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005269"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-225"
},
{
"date": "2021-09-08T17:19:32.143000",
"db": "NVD",
"id": "CVE-2015-6712"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendApprovalToAuthorEnabled In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005269"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-225"
}
],
"trust": 0.6
}
}
var-201102-0023
Vulnerability from variot
AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0566 and CVE-2011-0603 Is a different vulnerability.Arbitrary code execution or service disruption via a crafted image by a third party (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AcroRd32.dll. Initially, a pointer passed to memset can be miscalculated and the resulting copy operation corrupts heap memory. Later, the application attempts to use the modified data which can be leveraged to execute arbitrary code under the context of the user invoking the Reader application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
The specific flaw exists within AcroRd32.dll.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-06-30 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Abdullah Ada
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abdullah Ada",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
}
],
"trust": 1.6
},
"cve": "CVE-2011-0567",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0567",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0567",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48512",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0567",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0567",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0567",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-153",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48512",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading to heap memory corruption, a different vulnerability than CVE-2011-0566 and CVE-2011-0603. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-0566 and CVE-2011-0603 Is a different vulnerability.Arbitrary code execution or service disruption via a crafted image by a third party (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AcroRd32.dll. Initially, a pointer passed to memset can be miscalculated and the resulting copy operation corrupts heap memory. Later, the application attempts to use the modified data which can be leveraged to execute arbitrary code under the context of the user invoking the Reader application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\nThe specific flaw exists within AcroRd32.dll. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-06-30 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Abdullah Ada\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0567"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98273"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48512",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48512"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0567",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 2.3
},
{
"db": "BID",
"id": "46199",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-842",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98273",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48512",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98273"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"id": "VAR-201102-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48512"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:18:12.460000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46199"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12248"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0567"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0567"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98273"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"db": "VULHUB",
"id": "VHN-48512"
},
{
"db": "BID",
"id": "46199"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98273"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48512"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46199"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:27:42",
"db": "PACKETSTORM",
"id": "98273"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"date": "2011-02-10T18:00:58.083000",
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-065"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48512"
},
{
"date": "2015-03-19T08:21:00",
"db": "BID",
"id": "46199"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001194"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-153"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0567"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98273"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001194"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-153"
}
],
"trust": 0.6
}
}
var-201510-0348
Vulnerability from variot
The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the addForegroundSprite function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the 'addForegroundSprite' function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6699",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6699",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6699",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84660",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6699",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6699",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6699",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-212",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84660",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "VULHUB",
"id": "VHN-84660"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the addForegroundSprite function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the \u0027addForegroundSprite\u0027 function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6699"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84660"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6699",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3046",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "BID",
"id": "77067",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84660",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "VULHUB",
"id": "VHN-84660"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"id": "VAR-201510-0348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84660"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.227000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58061"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84660"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6699"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6699"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "VULHUB",
"id": "VHN-84660"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"db": "VULHUB",
"id": "VHN-84660"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84660"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"date": "2015-10-14T23:59:21.550000",
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-477"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84660"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005256"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-212"
},
{
"date": "2021-09-08T17:19:31.820000",
"db": "NVD",
"id": "CVE-2015-6699"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of addForegroundSprite Vulnerability in function that can retrieve important information from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005256"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-212"
}
],
"trust": 0.6
}
}
var-201601-0593
Vulnerability from variot
Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory. Supplementary information : CWE Vulnerability types by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlA local user could gain privileges through a crafted resource in an unspecified directory. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Adobe Download Manager is a set of tools that supports automatic downloading of installation programs from Adobe servers. This tool can help control the download process of Adobe Reader, Adobe Acrobat, trial software and other Adobe files, such as downloading without restarting from the beginning if the download is interrupted
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0593",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classical 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classical 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "download manager",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.337"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "80362"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vladimir Dubrovin, Eric Lawrence, and KeLiu of Tencent\u0027s Xuanwu LAB",
"sources": [
{
"db": "BID",
"id": "80362"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0947",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0947",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-88457",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2016-0947",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0947",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0947",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-247",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88457",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88457"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory. Supplementary information : CWE Vulnerability types by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlA local user could gain privileges through a crafted resource in an unspecified directory. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Adobe Download Manager is a set of tools that supports automatic downloading of installation programs from Adobe servers. This tool can help control the download process of Adobe Reader, Adobe Acrobat, trial software and other Adobe files, such as downloading without restarting from the beginning if the download is interrupted",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0947"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "BID",
"id": "80362"
},
{
"db": "VULHUB",
"id": "VHN-88457"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0947",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247",
"trust": 0.7
},
{
"db": "BID",
"id": "80362",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-88457",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88457"
},
{
"db": "BID",
"id": "80362"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"id": "VAR-201601-0593",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88457"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.960000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Repair measures for product untrusted search path vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59594"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0947"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0947"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88457"
},
{
"db": "BID",
"id": "80362"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88457"
},
{
"db": "BID",
"id": "80362"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88457"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80362"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"date": "2016-01-14T05:59:15.800000",
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88457"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80362"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001049"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-247"
},
{
"date": "2016-12-07T23:42:22.320000",
"db": "NVD",
"id": "CVE-2016-0947"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Used in Adobe Download Manager Vulnerable to gaining privileges",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001049"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-247"
}
],
"trust": 0.6
}
}
var-201510-0350
Vulnerability from variot
The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could obtain important information from process memory via a function call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the ambientIlluminationColor property. The issue lies in excess values being returned in the error message when the property is called as a function. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the implementation of the ambientIlluminationColor property of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6701",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6701",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6701",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84662",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6701",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6701",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6701",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-214",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84662",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "VULHUB",
"id": "VHN-84662"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could obtain important information from process memory via a function call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the ambientIlluminationColor property. The issue lies in excess values being returned in the error message when the property is called as a function. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the implementation of the ambientIlluminationColor property of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6701"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84662"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6701",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3048",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "BID",
"id": "77067",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84662",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "VULHUB",
"id": "VHN-84662"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"id": "VAR-201510-0350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84662"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.071000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58063"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84662"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6701"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6701"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "VULHUB",
"id": "VHN-84662"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"db": "VULHUB",
"id": "VHN-84662"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84662"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"date": "2015-10-14T23:59:23.800000",
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-479"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84662"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005258"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-214"
},
{
"date": "2021-09-08T17:19:31.867000",
"db": "NVD",
"id": "CVE-2015-6701"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ambientIlluminationColor Vulnerability in which important information is obtained from process memory in property implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005258"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-214"
}
],
"trust": 0.6
}
}
var-201510-0352
Vulnerability from variot
The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the loadFlashMovie function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the 'loadFlashMovie' function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6703",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6703",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6703",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84664",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6703",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6703",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6703",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-216",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84664",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "VULHUB",
"id": "VHN-84664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the loadFlashMovie function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the \u0027loadFlashMovie\u0027 function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6703"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84664"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6703",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3050",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "BID",
"id": "77067",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84664",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "VULHUB",
"id": "VHN-84664"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"id": "VAR-201510-0352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84664"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.856000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58065"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6703"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6703"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "VULHUB",
"id": "VHN-84664"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"db": "VULHUB",
"id": "VHN-84664"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84664"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"date": "2015-10-14T23:59:25.693000",
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-481"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84664"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005260"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-216"
},
{
"date": "2021-09-08T17:19:31.913000",
"db": "NVD",
"id": "CVE-2015-6703"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of loadFlashMovie Vulnerability in function that can retrieve important information from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005260"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-216"
}
],
"trust": 0.6
}
}
var-201511-0276
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the way CMAP tables are parsed. A specially crafted CMAP table embedded in a PDF file can force Adobe Acrobat Reader to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute arbitrary code under the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0276",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kdot",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
}
],
"trust": 1.6
},
"cve": "CVE-2015-7650",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7650",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7650",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85611",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7650",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7650",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7650",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-009",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85611",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "VULHUB",
"id": "VHN-85611"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the way CMAP tables are parsed. A specially crafted CMAP table embedded in a PDF file can force Adobe Acrobat Reader to read memory past the end of an allocated object. An attacker could leverage this vulnerability to execute arbitrary code under the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7650"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "VULHUB",
"id": "VHN-85611"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7650",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-534",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3334",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009",
"trust": 0.7
},
{
"db": "BID",
"id": "77404",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-85611",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "VULHUB",
"id": "VHN-85611"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"id": "VAR-201511-0276",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85611"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:29:31.997000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58541"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85611"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-534"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7650"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7650"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-534/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "VULHUB",
"id": "VHN-85611"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"db": "VULHUB",
"id": "VHN-85611"
},
{
"db": "BID",
"id": "77404"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"date": "2015-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-85611"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77404"
},
{
"date": "2015-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"date": "2015-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"date": "2015-11-04T03:59:17.517000",
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-534"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-85611"
},
{
"date": "2015-11-02T00:00:00",
"db": "BID",
"id": "77404"
},
{
"date": "2015-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005722"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-009"
},
{
"date": "2021-09-08T17:19:32.767000",
"db": "NVD",
"id": "CVE-2015-7650"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005722"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-009"
}
],
"trust": 0.6
}
}
var-201510-0370
Vulnerability from variot
The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBBBRInit method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBBBRInit method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6710",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6710",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6710",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84671",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6710",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6710",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6710",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-223",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84671",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "VULHUB",
"id": "VHN-84671"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBBBRInit method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBBBRInit method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6710"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84671"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6710",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-487",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3062",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84671",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "VULHUB",
"id": "VHN-84671"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"id": "VAR-201510-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84671"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58072"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84671"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-487"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6710"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6710"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "VULHUB",
"id": "VHN-84671"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"db": "VULHUB",
"id": "VHN-84671"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84671"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"date": "2015-10-14T23:59:32.303000",
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-487"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84671"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005267"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-223"
},
{
"date": "2021-09-08T17:19:32.100000",
"db": "NVD",
"id": "CVE-2015-6710"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBBBRInit In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005267"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-223"
}
],
"trust": 0.6
}
}
var-201505-0299
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Matrix2D transform method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3065",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3065",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3065",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81026",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3065",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3065",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3065",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-178",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81026",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "VULHUB",
"id": "VHN-81026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Matrix2D transform method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3065"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81026"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3065",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-199",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2689",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81026",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "VULHUB",
"id": "VHN-81026"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"id": "VAR-201505-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81026"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.270000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81026"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-199"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3065"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3065"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "VULHUB",
"id": "VHN-81026"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"db": "VULHUB",
"id": "VHN-81026"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81026"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"date": "2015-05-13T11:00:00.217000",
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-199"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81026"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002643"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-178"
},
{
"date": "2017-01-05T20:09:20.943000",
"db": "NVD",
"id": "CVE-2015-3065"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-178"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002643"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201004-0125
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. This vulnerability CVE-2010-0192 and CVE-2010-0193 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Failed exploit attempts will result in a denial of service. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh Note: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. Adobe released an advisory addressing multiple issues in Reader and Acrobat.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . Adobe Reader U3D CLODMeshDeclaration Shading Count Buffer Overflow
TSL ID: FSC20100413-01
- Specifically, the vulnerability is due to an integer overflow when processing the "Shading Count" field in the CLOD Mesh Declaration block, which may lead to a heap based buffer overflow and execution of arbitrary code. An unsuccessful attack can abnormally terminate the affected product. Workaround
Avoid opening untrusted PDF files, or use an alternative application to process PDF files. Disclosure Timeline
2010-02-19 Reported to vendor 2010-02-19 Initial vendor response 2010-04-13 Coordinated public disclosure
- Credits
Vulnerability Research Team, TELUS Security Labs
- References
CVE: CVE-2010-0196 TSL: FSC20100413-01 Vendor: apsb10-09
- About TELUS Security Labs
TELUS Security Labs, formerly Assurent Secure Technologies, is the leading provider of security research. Our research services include:
* Vulnerability Research
* Malware Research
* Signature Development
* Shellcode Exploit Development
* Application Protocols
* Product Security Testing
* Security Content Development (parsers, reports, alerts)
TELUS Security Labs provides a specialized portfolio of services to assist security product vendors with newly discovered commercial product vulnerabilities and malware attacks. Many of our services are provided on a subscription basis to reduce research costs for our customers. Over 50 of the world's leading security product vendors rely on TELUS Security Labs research.
http://telussecuritylabs.com/ . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0125",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0196",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42801",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0196",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0196",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-249",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42801",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42801"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. This vulnerability CVE-2010-0192 and CVE-2010-0193 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Failed exploit attempts will result in a denial of service. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNote: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. Adobe released an advisory addressing multiple issues in Reader and Acrobat. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. Adobe Reader U3D CLODMeshDeclaration Shading Count Buffer Overflow\n\nTSL ID: FSC20100413-01\n\n1. Specifically, the vulnerability is due to an integer overflow when processing the \"Shading Count\" field in the CLOD Mesh Declaration block, which may lead to a heap based buffer overflow and execution of arbitrary code. An unsuccessful attack can abnormally terminate the affected product. Workaround\n\n Avoid opening untrusted PDF files, or use an alternative application to process PDF files. Disclosure Timeline\n\n 2010-02-19 Reported to vendor\n 2010-02-19 Initial vendor response\n 2010-04-13 Coordinated public disclosure\n\n8. Credits\n\n Vulnerability Research Team, TELUS Security Labs\n\n9. References\n\n CVE: CVE-2010-0196\n TSL: FSC20100413-01\n Vendor: apsb10-09\n\n10. About TELUS Security Labs\n\n TELUS Security Labs, formerly Assurent Secure Technologies, is the leading provider of security research. Our research services include:\n\n * Vulnerability Research\n * Malware Research\n * Signature Development\n * Shellcode Exploit Development\n * Application Protocols\n * Product Security Testing\n * Security Content Development (parsers, reports, alerts)\n\n TELUS Security Labs provides a specialized portfolio of services to assist security product vendors with newly \ndiscovered commercial product vulnerabilities and malware attacks. Many of our services are provided on a subscription basis to reduce research costs for our customers. Over 50 of the world\u0027s leading security product vendors rely on TELUS Security Labs research. \n\n http://telussecuritylabs.com/\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0196"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42801"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88434"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42801",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42801"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0196",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39521",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88434",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42801",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42801"
},
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88434"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"id": "VAR-201004-0125",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42801"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:14:23.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Adobe Reader 9.3.2 update (Intel) - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4092"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4096"
},
{
"title": "Adobe Acrobat 9.3.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4100"
},
{
"title": "Adobe Reader 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4091"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4095"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7064"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0196"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39521"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2010/apr/200"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "http://telussecuritylabs.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42801"
},
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88434"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42801"
},
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88434"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42801"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39521"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-04-16T02:10:18",
"db": "PACKETSTORM",
"id": "88434"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"date": "2010-04-14T16:00:00.850000",
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42801"
},
{
"date": "2015-03-19T09:35:00",
"db": "BID",
"id": "39521"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001352"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-249"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0196"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001352"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39521"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201412-0508
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165. This vulnerability CVE-2014-8454 and CVE-2014-9165 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0508",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71571"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team.",
"sources": [
{
"db": "BID",
"id": "71571"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8455",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8455",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76400",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8455",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8455",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-230",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76400",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76400"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165. This vulnerability CVE-2014-8454 and CVE-2014-9165 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8455"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "BID",
"id": "71571"
},
{
"db": "VULHUB",
"id": "VHN-76400"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8455",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230",
"trust": 0.7
},
{
"db": "BID",
"id": "71571",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76400",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76400"
},
{
"db": "BID",
"id": "71571"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"id": "VAR-201412-0508",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76400"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:57:42.623000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8455"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8455"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76400"
},
{
"db": "BID",
"id": "71571"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76400"
},
{
"db": "BID",
"id": "71571"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76400"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71571"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"date": "2014-12-10T21:59:26.493000",
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76400"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71571"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005930"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-230"
},
{
"date": "2014-12-12T01:32:33.927000",
"db": "NVD",
"id": "CVE-2014-8455"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-230"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005930"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "71571"
}
],
"trust": 0.3
}
}
var-201512-0436
Vulnerability from variot
Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698. This vulnerability CVE-2015-6696 and CVE-2015-6698 Is a different vulnerability.By attackers, multiple layers PDF Arbitrary code may be executed through the documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 15 and earlier versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0436",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "BID",
"id": "79208"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fritz Sands of the Zero Day Initiative.",
"sources": [
{
"db": "BID",
"id": "79208"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
}
],
"trust": 0.9
},
"cve": "CVE-2015-8458",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8458",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-86419",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-8458",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-8458",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-8458",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-458",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86419",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "VULHUB",
"id": "VHN-86419"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698. This vulnerability CVE-2015-6696 and CVE-2015-6698 Is a different vulnerability.By attackers, multiple layers PDF Arbitrary code may be executed through the documentation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AGM.dll. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. 15 and earlier versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8458"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "BID",
"id": "79208"
},
{
"db": "VULHUB",
"id": "VHN-86419"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8458",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-637",
"trust": 2.7
},
{
"db": "BID",
"id": "79208",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3019",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-86419",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "VULHUB",
"id": "VHN-86419"
},
{
"db": "BID",
"id": "79208"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"id": "VAR-201512-0436",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-86419"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:27:32.883000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59245"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86419"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/79208"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-637"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8458"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8458"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-637/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "VULHUB",
"id": "VHN-86419"
},
{
"db": "BID",
"id": "79208"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"db": "VULHUB",
"id": "VHN-86419"
},
{
"db": "BID",
"id": "79208"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-14T00:00:00",
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"date": "2015-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-86419"
},
{
"date": "2015-12-14T00:00:00",
"db": "BID",
"id": "79208"
},
{
"date": "2015-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"date": "2015-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"date": "2015-12-21T11:59:13.080000",
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-14T00:00:00",
"db": "ZDI",
"id": "ZDI-15-637"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-86419"
},
{
"date": "2015-12-14T00:00:00",
"db": "BID",
"id": "79208"
},
{
"date": "2015-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006484"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-458"
},
{
"date": "2021-09-08T17:19:32.793000",
"db": "NVD",
"id": "CVE-2015-8458"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of AGM.dll Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006484"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-458"
}
],
"trust": 0.6
}
}
var-201510-0402
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-2015-2428. This vulnerability CVE-2015-3095 , CVE-2015-5087 , CVE-2015-5094 , CVE-2015-5100 , CVE-2015-5102 , CVE-2015-5103 ,and CVE-2015-5104 Is a different vulnerability.By the attacker, Adobe Collaboration Sync Any file may be deleted through. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of junction points. An attacker running code in the context of a sandboxed Adobe Reader process can set up a junction point in the Synchronizer folder and then run Adobe Collaboration Sync which will delete the contents of the folder. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0402",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "BID",
"id": "77090"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "BID",
"id": "77090"
}
],
"trust": 1.0
},
"cve": "CVE-2015-7829",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2015-7829",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 3.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7829",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2015-7829",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "VHN-85790",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7829",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-7829",
"trust": 0.8,
"value": "Low"
},
{
"author": "ZDI",
"id": "CVE-2015-7829",
"trust": 0.7,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-262",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-85790",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "VULHUB",
"id": "VHN-85790"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-2015-2428. This vulnerability CVE-2015-3095 , CVE-2015-5087 , CVE-2015-5094 , CVE-2015-5100 , CVE-2015-5102 , CVE-2015-5103 ,and CVE-2015-5104 Is a different vulnerability.By the attacker, Adobe Collaboration Sync Any file may be deleted through. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of junction points. An attacker running code in the context of a sandboxed Adobe Reader process can set up a junction point in the Synchronizer folder and then run Adobe Collaboration Sync which will delete the contents of the folder. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7829"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "BID",
"id": "77090"
},
{
"db": "VULHUB",
"id": "VHN-85790"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7829",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-15-465",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2892",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262",
"trust": 0.6
},
{
"db": "BID",
"id": "77090",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85790",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "VULHUB",
"id": "VHN-85790"
},
{
"db": "BID",
"id": "77090"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"id": "VAR-201510-0402",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85790"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.615000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58111"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85790"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-465"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7829"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7829"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-465/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "VULHUB",
"id": "VHN-85790"
},
{
"db": "BID",
"id": "77090"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"db": "VULHUB",
"id": "VHN-85790"
},
{
"db": "BID",
"id": "77090"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"date": "2015-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-85790"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77090"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"date": "2015-10-15T00:00:13.720000",
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-465"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85790"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77090"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005287"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-262"
},
{
"date": "2021-09-08T17:19:32.723000",
"db": "NVD",
"id": "CVE-2015-7829"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "77090"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on Adobe Reader and Acrobat Vulnerable to arbitrary file deletion",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005287"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-262"
}
],
"trust": 0.6
}
}
var-201208-0212
Vulnerability from variot
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems.". Adobe Acrobat and Reader are prone to multiple unspecified remote code-execution vulnerabilities. Successful attacks will result in arbitrary code execution in the context of the user running the affected application; failed attacks may cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55055"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz ???j00ru??? Jurczyk and Gynvael Coldwind",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-305"
}
],
"trust": 0.6
},
"cve": "CVE-2012-4363",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-4363",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-57644",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4363",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4363",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-362",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57644",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-4363",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57644"
},
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to \"sixteen more crashes affecting Windows, OS X, or both systems.\". Adobe Acrobat and Reader are prone to multiple unspecified remote code-execution vulnerabilities. \nSuccessful attacks will result in arbitrary code execution in the context of the user running the affected application; failed attacks may cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4363"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "BID",
"id": "55055"
},
{
"db": "VULHUB",
"id": "VHN-57644"
},
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "PACKETSTORM",
"id": "122930"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4363",
"trust": 3.0
},
{
"db": "BID",
"id": "55055",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201208-305",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-57644",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-4363",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57644"
},
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "BID",
"id": "55055"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"id": "VAR-201208-0212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57644"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:18:06.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.adobe.com/"
},
{
"title": "GLSA 201308-03",
"trust": 0.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-03.xml"
},
{
"title": "Multiple Cryptographic Issues vulnerabilities in Ruby",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_cryptographic_issues_vulnerabilities_in"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://gynvael.coldwind.pl/?id=483"
},
{
"trust": 2.6,
"url": "http://j00ru.vexillium.org/?p=1175"
},
{
"trust": 1.8,
"url": "http://vexillium.org/dl.php?ar_callstack.txt"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78587"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4363"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4363"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55055"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57644"
},
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "BID",
"id": "55055"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57644"
},
{
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"db": "BID",
"id": "55055"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-21T00:00:00",
"db": "VULHUB",
"id": "VHN-57644"
},
{
"date": "2012-08-21T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"date": "2012-08-16T00:00:00",
"db": "BID",
"id": "55055"
},
{
"date": "2012-08-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"date": "2012-08-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"date": "2012-08-21T10:46:10.843000",
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-57644"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4363"
},
{
"date": "2013-08-26T08:09:00",
"db": "BID",
"id": "55055"
},
{
"date": "2014-01-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003790"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"date": "2012-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-362"
},
{
"date": "2017-08-29T01:32:16.680000",
"db": "NVD",
"id": "CVE-2012-4363"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-305"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader Service disruption in ( Application crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003790"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-362"
}
],
"trust": 0.6
}
}
var-201006-1157
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the application parses a PDF file containing a malformed CLOD Progressive Mesh Continuation Resolution Update. Specific values can cause a memory corruption during floating point operations which can be subsequently leveraged to achieve arbitrary code execution under the privileges of the current user. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.3.4 >= 9.3.4
Description
Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb10-15.html
-- Disclosure Timeline: 2010-03-31 - Vulnerability reported to vendor 2010-06-30 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "acrobatreader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "BID",
"id": "41234"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An anonymous researcher through TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "41234"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2202",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2202",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2010-2202",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44807",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2202",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2202",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2010-2202",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-480",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44807",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2202",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the application parses a PDF file containing a malformed CLOD Progressive Mesh Continuation Resolution Update. Specific values can cause a memory corruption during floating point operations which can be subsequently leveraged to achieve arbitrary code execution under the privileges of the current user. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.3.4 \u003e= 9.3.4\n\nDescription\n===========\n\nMultiple vulnerabilities were discovered in Adobe Reader. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb10-15.html\n\n-- Disclosure Timeline:\n2010-03-31 - Vulnerability reported to vendor\n2010-06-30 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2202"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "BID",
"id": "41234"
},
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "91349"
}
],
"trust": 3.78
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44807",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44807"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2202",
"trust": 3.8
},
{
"db": "BID",
"id": "41234",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "ZDI",
"id": "ZDI-10-116",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-721",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "91349",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-44807",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "BID",
"id": "41234"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "91349"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"id": "VAR-201006-1157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44807"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T20:08:40.538000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41234"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7336"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2202"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-116/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-116"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2202"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "BID",
"id": "41234"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "91349"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"db": "VULHUB",
"id": "VHN-44807"
},
{
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"db": "BID",
"id": "41234"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "91349"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44807"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41234"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-07-01T05:08:33",
"db": "PACKETSTORM",
"id": "91349"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"date": "2010-06-30T18:30:01.550000",
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "ZDI",
"id": "ZDI-10-116"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44807"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2202"
},
{
"date": "2010-09-07T21:52:00",
"db": "BID",
"id": "41234"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001708"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-480"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "91349"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Acrobat and Reader CLOD Remote Memory Corruption Vulnerability",
"sources": [
{
"db": "BID",
"id": "41234"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-480"
}
],
"trust": 0.6
}
}
var-201505-0309
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ADBCAnnotEnumerator. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3072",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3072",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3072",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81033",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3072",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3072",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3072",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-185",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81033",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "VULHUB",
"id": "VHN-81033"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ADBCAnnotEnumerator. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3072"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81033"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3072",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-196",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2664",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81033",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "VULHUB",
"id": "VHN-81033"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"id": "VAR-201505-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81033"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.705000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81033"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-196"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3072"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3072"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "VULHUB",
"id": "VHN-81033"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"db": "VULHUB",
"id": "VHN-81033"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81033"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"date": "2015-05-13T11:00:06.327000",
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-196"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81033"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002650"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-185"
},
{
"date": "2017-01-05T20:14:38.580000",
"db": "NVD",
"id": "CVE-2015-3072"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-185"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002650"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201103-0073
Vulnerability from variot
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. Adobe Flash contains an arbitrary code execution vulnerability. Adobe Flash contains a memory corruption vulnerability that may lead to arbitrary code execution. Attacks leveraging this vulnerability have been confirmed.Crafted Flash Viewing a document with embedded content may lead to arbitrary code execution. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Both Adobe Reader and Acrobat are products of the American company Adobe. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA43751
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43751/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43751
RELEASE DATE: 2011-03-16
DISCUSS ADVISORY: http://secunia.com/advisories/43751/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43751/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43751
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. Further information is currently not available.
The vulnerability is reported in versions 10.2.152.33 and prior for Windows, Macintosh, Linux, and Solaris, versions 10.2.154.18 and prior for Chrome, and versions 10.1.106.16 and prior for Android.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Adobe plans to release a fixed version during the week of March 21, 2011.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://www.adobe.com/support/security/advisories/apsa11-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
For more information: SA43751
SOLUTION: Do not browse untrusted sites. ----------------------------------------------------------------------
Meet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March). This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
For more information: SA43751
SOLUTION: Updated packages are available via Red Hat Network.
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"
References
[ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "10.0.648.134"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "oracle solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"model": "adobe acrobat",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "5 (server)"
},
{
"model": "rhel desktop supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "red hat enterprise linux workstation supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "adobe reader",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "red hat enterprise linux server supplementary",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "adobe flash player",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c9\u30d3",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensolaris build snv 134",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.21"
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "opensolaris build snv 133",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 151",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.25"
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.152.33"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "opensolaris build snv 134a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.154.18"
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "opensolaris snv 151a",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 137",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "opensolaris build snv 136",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.156.12"
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.106.16"
},
{
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.2.153.1"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 135",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.65"
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "BID",
"id": "46860"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "99347"
},
{
"db": "PACKETSTORM",
"id": "99340"
},
{
"db": "PACKETSTORM",
"id": "99659"
},
{
"db": "PACKETSTORM",
"id": "99357"
}
],
"trust": 0.4
},
"cve": "CVE-2011-0609",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0609",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48554",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2011-0609",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2011-0609",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0609",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#192052",
"trust": 0.8,
"value": "32.81"
},
{
"author": "NVD",
"id": "CVE-2011-0609",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-206",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48554",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2011-0609",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. Adobe Flash contains an arbitrary code execution vulnerability. Adobe Flash contains a memory corruption vulnerability that may lead to arbitrary code execution. Attacks leveraging this vulnerability have been confirmed.Crafted Flash Viewing a document with embedded content may lead to arbitrary code execution. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Both Adobe Reader and Acrobat are products of the American company Adobe. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43751\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43751/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43751\n\nRELEASE DATE:\n2011-03-16\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43751/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43751/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43751\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. Further\ninformation is currently not available. \n\nThe vulnerability is reported in versions 10.2.152.33 and prior for\nWindows, Macintosh, Linux, and Solaris, versions 10.2.154.18 and\nprior for Chrome, and versions 10.1.106.16 and prior for Android. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nAdobe plans to release a fixed version during the week of March 21,\n2011. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/advisories/apsa11-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nFor more information:\nSA43751\n\nSOLUTION:\nDo not browse untrusted sites. ----------------------------------------------------------------------\n\n\nMeet Secunia @ Microsoft Management Summit (MMS) in Las Vegas, USA (21-25 March). This fixes a\nvulnerability, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA43751\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers and Adobe Security Advisories and\nBulletins referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[ 1 ] APSA11-01\n http://www.adobe.com/support/security/advisories/apsa11-01.html\n[ 2 ] APSA11-02\n http://www.adobe.com/support/security/advisories/apsa11-02.html\n[ 3 ] APSB11-02\n http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[ 4 ] APSB11-12\n http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[ 5 ] APSB11-13\n http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[ 6 ] APSB11-21\n https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[ 7 ] APSB11-26\n https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[ 8 ] CVE-2011-0558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[ 9 ] CVE-2011-0559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0609"
},
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "BID",
"id": "46860"
},
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "PACKETSTORM",
"id": "99347"
},
{
"db": "PACKETSTORM",
"id": "99340"
},
{
"db": "PACKETSTORM",
"id": "99659"
},
{
"db": "PACKETSTORM",
"id": "99357"
},
{
"db": "PACKETSTORM",
"id": "105802"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48554",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=17027",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0609",
"trust": 4.6
},
{
"db": "BID",
"id": "46860",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#192052",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "43856",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "43751",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "43772",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1025210",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1025211",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0732",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0656",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2011-0655",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43757",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1025238",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0688",
"trust": 1.2
},
{
"db": "SREASON",
"id": "8152",
"trust": 1.2
},
{
"db": "XF",
"id": "66078",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "16586",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "17027",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99639",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-71506",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-48554",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0609",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99347",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99340",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99357",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105802",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "BID",
"id": "46860"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "PACKETSTORM",
"id": "99347"
},
{
"db": "PACKETSTORM",
"id": "99340"
},
{
"db": "PACKETSTORM",
"id": "99659"
},
{
"db": "PACKETSTORM",
"id": "99357"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"id": "VAR-201103-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48554"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:50:00.010000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2011",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2011/03/14/adobe_flash_reader_emergency_patch/"
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/Ostorlab/KEV "
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/investigation-report-for-the-september-2014-equation-malware-detection-incident-in-the-us/83210/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/kaspersky-security-bulletin-malware-evolution-2011/36494/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/apec-host-committee-spear-phished-china-112211/75923/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/monthly-malware-statistics-march-2011/36352/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/emc-buys-security-firm-netwitness-040411/75101/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/rsa-securid-attack-was-phishing-excel-spreadsheet-040111/75099/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/adobe-fix-for-cve-2011-0609/29772/"
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/new-adobe-zero-day-under-attack/29765/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/adobe-warns-attacks-critical-flash-player-bug-031411/75026/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/46860"
},
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/192052"
},
{
"trust": 2.1,
"url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025210"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1025211"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/43751"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/43772"
},
{
"trust": 2.0,
"url": "http://secunia.com/advisories/43856"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0655"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0656"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2011/0732"
},
{
"trust": 1.2,
"url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14147"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0372.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1025238"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43757"
},
{
"trust": 1.2,
"url": "http://securityreason.com/securityalert/8152"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0688"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078"
},
{
"trust": 1.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-05.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/mmpc/archive/2011/03/17/a-technical-analysis-on-the-cve-2011-0609-adobe-flash-player-vulnerability.aspx"
},
{
"trust": 0.8,
"url": "http://bugix-security.blogspot.com/2011/03/cve-2011-0609-adobe-flash-player.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu192052"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0609"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110007.txt"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20110322-adobe.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/66078"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16586"
},
{
"trust": 0.4,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2011_0609_vulnerability_in"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2011/03/17/blocking-exploit-attempts-of-the-recent-flash-0-day.aspx"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/99639/adobe-flash-player-avm-bytecode-verification.html"
},
{
"trust": 0.1,
"url": "https://threatpost.com/adobe-warns-attacks-critical-flash-player-bug-031411/75026/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/17027/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43751/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43751/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43751"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43757/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43757/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43757"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43856"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/events/mms_2011/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43856/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0372.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43856/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43772/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43772/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "BID",
"id": "46860"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "PACKETSTORM",
"id": "99347"
},
{
"db": "PACKETSTORM",
"id": "99340"
},
{
"db": "PACKETSTORM",
"id": "99659"
},
{
"db": "PACKETSTORM",
"id": "99357"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#192052"
},
{
"db": "VULHUB",
"id": "VHN-48554"
},
{
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"db": "BID",
"id": "46860"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"db": "PACKETSTORM",
"id": "99347"
},
{
"db": "PACKETSTORM",
"id": "99340"
},
{
"db": "PACKETSTORM",
"id": "99659"
},
{
"db": "PACKETSTORM",
"id": "99357"
},
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-15T00:00:00",
"db": "CERT/CC",
"id": "VU#192052"
},
{
"date": "2011-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-48554"
},
{
"date": "2011-03-15T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"date": "2011-03-14T00:00:00",
"db": "BID",
"id": "46860"
},
{
"date": "2011-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"date": "2011-03-15T06:15:43",
"db": "PACKETSTORM",
"id": "99347"
},
{
"date": "2011-03-15T06:15:24",
"db": "PACKETSTORM",
"id": "99340"
},
{
"date": "2011-03-23T03:40:25",
"db": "PACKETSTORM",
"id": "99659"
},
{
"date": "2011-03-15T08:23:10",
"db": "PACKETSTORM",
"id": "99357"
},
{
"date": "2011-10-14T06:16:06",
"db": "PACKETSTORM",
"id": "105802"
},
{
"date": "2011-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"date": "2011-03-15T17:55:03.827000",
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-22T00:00:00",
"db": "CERT/CC",
"id": "VU#192052"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48554"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0609"
},
{
"date": "2013-06-20T09:41:00",
"db": "BID",
"id": "46860"
},
{
"date": "2024-07-05T01:29:00",
"db": "JVNDB",
"id": "JVNDB-2011-001385"
},
{
"date": "2011-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-206"
},
{
"date": "2024-06-28T14:20:56.560000",
"db": "NVD",
"id": "CVE-2011-0609"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "105802"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player contains unspecified code execution vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#192052"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-206"
}
],
"trust": 0.6
}
}
var-201309-0156
Vulnerability from variot
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Note: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0156",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62435"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62435"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3355",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3355",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63357",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3355",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3355",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-150",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63357",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63357"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nNote: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3355"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "BID",
"id": "62435"
},
{
"db": "VULHUB",
"id": "VHN-63357"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3355",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150",
"trust": 0.7
},
{
"db": "BID",
"id": "62435",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63357",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63357"
},
{
"db": "BID",
"id": "62435"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"id": "VAR-201309-0156",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63357"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:21:16.759000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63357"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18826"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3355"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3355"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63357"
},
{
"db": "BID",
"id": "62435"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63357"
},
{
"db": "BID",
"id": "62435"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63357"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62435"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"date": "2013-09-12T13:28:24.513000",
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63357"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62435"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004080"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-150"
},
{
"date": "2017-09-19T01:36:40.640000",
"db": "NVD",
"id": "CVE-2013-3355"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004080"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-150"
}
],
"trust": 0.6
}
}
var-201004-0128
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0202 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit with DEP bypass have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V.
VI. CREDIT
The vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/0873 http://www.adobe.com/support/security/bulletins/apsb10-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199
IX. DISCLOSURE TIMELINE
2010-03-16 - Vendor notified 2010-03-16 - Vendor response 2010-04-07 - Status update received 2010-04-13 - Coordinated public Disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0199",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0199",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42804",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0199",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0199",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-252",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42804",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203. Adobe Reader and Acrobat Contains a buffer overflow vulnerability. This vulnerability CVE-2010-0198 , CVE-2010-0202 and CVE-2010-0203 Is a different vulnerability.An attacker could execute arbitrary code. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit with DEP bypass have been released by VUPEN through the\nVUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThe vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n--------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0873\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2010-03-16 - Vendor notified\n2010-03-16 - Vendor response\n2010-04-07 - Status update received\n2010-04-13 - Coordinated public Disclosure\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0199"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88447"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42804",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0199",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39511",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88447",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42804",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88447"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"id": "VAR-201004-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:16:51.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6900"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0199"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39511"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/510753"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88447"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42804"
},
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "88447"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42804"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39511"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-16T02:29:23",
"db": "PACKETSTORM",
"id": "88447"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"date": "2010-04-14T16:00:00.960000",
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42804"
},
{
"date": "2015-03-19T08:14:00",
"db": "BID",
"id": "39511"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001355"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-252"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0199"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39511"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001355"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-252"
}
],
"trust": 0.6
}
}
var-201006-1129
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit are available through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/english/services/ba-index.php
V.
VI. CREDIT
This vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
-
VUPEN Vulnerability Notification Service (VNS) : http://www.vupen.com/english/services/vns-index.php
-
VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php
-
VUPEN Threat Protection Program for Govs (TPP) : http://www.vupen.com/english/services/tpp-index.php
-
VUPEN Web Application Security Scanner (WASS) : http://www.vupen.com/english/services/wass-index.php
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/1636 http://www.adobe.com/support/security/bulletins/apsb10-15.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168
IX. DISCLOSURE TIMELINE
2010-03-08 - Vendor notified 2010-03-08 - Vendor response 2010-06-20 - Status update received 2010-06-29 - Coordinated public Disclosure . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1129",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41236"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Joly of VUPEN Vulnerability Research Team",
"sources": [
{
"db": "BID",
"id": "41236"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2168",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2168",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44773",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2168",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2168",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-478",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44773",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2168",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an \"invalid pointer vulnerability\" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution exploit\nare available through the VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/english/services/ba-index.php\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThis vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service (VNS) :\nhttp://www.vupen.com/english/services/vns-index.php\n\n* VUPEN Binary Analysis \u0026 Exploits Service (BAE) :\nhttp://www.vupen.com/english/services/ba-index.php\n\n* VUPEN Threat Protection Program for Govs (TPP) :\nhttp://www.vupen.com/english/services/tpp-index.php\n\n* VUPEN Web Application Security Scanner (WASS) :\nhttp://www.vupen.com/english/services/wass-index.php\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/1636\nhttp://www.adobe.com/support/security/bulletins/apsb10-15.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n\n\nIX. DISCLOSURE TIMELINE\n-----------------------------\n\n2010-03-08 - Vendor notified\n2010-03-08 - Vendor response\n2010-06-20 - Status update received\n2010-06-29 - Coordinated public Disclosure\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2168"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "BID",
"id": "41236"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"db": "PACKETSTORM",
"id": "91355"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44773",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15086",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2168",
"trust": 3.2
},
{
"db": "BID",
"id": "41236",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "94190",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "91355",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "94191",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "15086",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-69897",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-44773",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2168",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"db": "BID",
"id": "41236"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "PACKETSTORM",
"id": "94191"
},
{
"db": "PACKETSTORM",
"id": "91355"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"id": "VAR-201006-1129",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44773"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T20:14:51.824000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.1,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/41236"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/512096"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7167"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2168"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.exploit-db.com/moaub-23-adobe-acrobat-and-reader-newfunction-remote-code-execution-vulnerability/"
},
{
"trust": 0.3,
"url": "/archive/1/512096"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2168"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-2168"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/94190/month-of-abysssec-undisclosed-bugs-adobe-acrobat-reader.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/15086/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/wass-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/ba-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/tpp-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/vns-index.php"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"db": "BID",
"id": "41236"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "PACKETSTORM",
"id": "94191"
},
{
"db": "PACKETSTORM",
"id": "91355"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44773"
},
{
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"db": "BID",
"id": "41236"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"db": "PACKETSTORM",
"id": "94191"
},
{
"db": "PACKETSTORM",
"id": "91355"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44773"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41236"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"date": "2010-09-24T02:07:25",
"db": "PACKETSTORM",
"id": "94191"
},
{
"date": "2010-07-01T05:46:49",
"db": "PACKETSTORM",
"id": "91355"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"date": "2010-06-30T18:30:01.487000",
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44773"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2168"
},
{
"date": "2010-09-23T11:21:00",
"db": "BID",
"id": "41236"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001706"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-478"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2168"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "94191"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Acrobat and Reader \u0027newfunction\u0027 Remote Code Execution Vulnerability",
"sources": [
{
"db": "BID",
"id": "41236"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-478"
}
],
"trust": 0.6
}
}
var-201405-0211
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0211",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67362"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Venustech Active-Defense Lab",
"sources": [
{
"db": "BID",
"id": "67362"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0529",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0529",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68022",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0529",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0529",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-254",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68022",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68022"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Acrobat and Reader are prone to a remote buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0529"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "BID",
"id": "67362"
},
{
"db": "VULHUB",
"id": "VHN-68022"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0529",
"trust": 2.8
},
{
"db": "BID",
"id": "67362",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68022",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68022"
},
{
"db": "BID",
"id": "67362"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"id": "VAR-201405-0211",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68022"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:58:11.312000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68022"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/67362"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0529"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0529"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68022"
},
{
"db": "BID",
"id": "67362"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68022"
},
{
"db": "BID",
"id": "67362"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68022"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67362"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"date": "2014-05-14T11:13:05.600000",
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-23T00:00:00",
"db": "VULHUB",
"id": "VHN-68022"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67362"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002489"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-254"
},
{
"date": "2015-10-23T15:39:34.787000",
"db": "NVD",
"id": "CVE-2014-0529"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002489"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-254"
}
],
"trust": 0.6
}
}
var-201208-0435
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, and CVE-2012-4159. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0435",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55021"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55021"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4160",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57441",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4160",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-259",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57441",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, and CVE-2012-4159. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4160"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "BID",
"id": "55021"
},
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4160",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20334",
"trust": 0.6
},
{
"db": "BID",
"id": "55021",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57441",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "BID",
"id": "55021"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"id": "VAR-201208-0435",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57441"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:37:41.423000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44040"
},
{
"title": "AdbeRdrUpd952_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44044"
},
{
"title": "AcroProUpd952_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44039"
},
{
"title": "AdbeRdrUpd952_all_i386",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44043"
},
{
"title": "AcrobatUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44038"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44042"
},
{
"title": "AcrobatUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44037"
},
{
"title": "AdbeRdrUpd952_all_incr",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44041"
},
{
"title": "AdbeRdrUpd1014",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44045"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15968"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4160"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4160"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20334"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "BID",
"id": "55021"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57441"
},
{
"db": "BID",
"id": "55021"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57441"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55021"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"date": "2012-08-15T10:31:41.710000",
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57441"
},
{
"date": "2013-08-26T00:17:00",
"db": "BID",
"id": "55021"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003648"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-259"
},
{
"date": "2017-09-19T01:35:17.370000",
"db": "NVD",
"id": "CVE-2012-4160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003648"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-259"
}
],
"trust": 0.6
}
}
var-201208-0438
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0438",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55017"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55017"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4156",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4156",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57437",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4156",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-255",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57437",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4156"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "BID",
"id": "55017"
},
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4156",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20338",
"trust": 0.6
},
{
"db": "BID",
"id": "55017",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57437",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "BID",
"id": "55017"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"id": "VAR-201208-0438",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57437"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:04:34.055000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16169"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4156"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4156"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20338"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "BID",
"id": "55017"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57437"
},
{
"db": "BID",
"id": "55017"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57437"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55017"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"date": "2012-08-15T10:31:41.553000",
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57437"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55017"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003644"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-255"
},
{
"date": "2017-09-19T01:35:17.073000",
"db": "NVD",
"id": "CVE-2012-4156"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003644"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-255"
}
],
"trust": 0.6
}
}
var-201510-0045
Vulnerability from variot
The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForBrowserReview method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForBrowserReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0045",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7620",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7620",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7620",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85581",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7620",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7620",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7620",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-245",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85581",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "VULHUB",
"id": "VHN-85581"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForBrowserReview method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForBrowserReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7620"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85581"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7620",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-496",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3080",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85581",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "VULHUB",
"id": "VHN-85581"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"id": "VAR-201510-0045",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85581"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.420000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58094"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85581"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-496"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7620"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7620"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "VULHUB",
"id": "VHN-85581"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"db": "VULHUB",
"id": "VHN-85581"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85581"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"date": "2015-10-14T23:59:53.887000",
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-496"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85581"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005298"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-245"
},
{
"date": "2021-09-08T17:19:32.610000",
"db": "NVD",
"id": "CVE-2015-7620"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForBrowserReview In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005298"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-245"
}
],
"trust": 0.6
}
}
var-201505-0310
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AFParseDate. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0310",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3073",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3073",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3073",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81034",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3073",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3073",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3073",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-186",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81034",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3073",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within AFParseDate. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3073"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-81034",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38344",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3073",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-197",
"trust": 1.9
},
{
"db": "BID",
"id": "74604",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.2
},
{
"db": "EXPLOIT-DB",
"id": "38344",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2665",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81034",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3073",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"id": "VAR-201505-0310",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81034"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.856000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "CVE-2015-3073",
"trust": 0.1,
"url": "https://github.com/reigningshells/CVE-2015-3073 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/38344/"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-197"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3073"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3073"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/284.html"
},
{
"trust": 0.1,
"url": "https://github.com/reigningshells/cve-2015-3073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"db": "VULHUB",
"id": "VHN-81034"
},
{
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81034"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"date": "2015-05-13T11:00:07.123000",
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-197"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81034"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3073"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002651"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-186"
},
{
"date": "2017-01-05T20:06:01.730000",
"db": "NVD",
"id": "CVE-2015-3073"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-186"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002651"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201405-0218
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the AcroPDF ActiveX control. The issue lies in the messageHandler property of the control. By manipulating the messageHandler's attributes an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "BID",
"id": "67367"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "chkr_d591",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0527",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0527",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0527",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68020",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0527",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0527",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2014-0527",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-252",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68020",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "VULHUB",
"id": "VHN-68020"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the AcroPDF ActiveX control. The issue lies in the messageHandler property of the control. By manipulating the messageHandler\u0027s attributes an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0527"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "BID",
"id": "67367"
},
{
"db": "VULHUB",
"id": "VHN-68020"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0527",
"trust": 3.5
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2001",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-128",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252",
"trust": 0.7
},
{
"db": "BID",
"id": "67367",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68020",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "VULHUB",
"id": "VHN-68020"
},
{
"db": "BID",
"id": "67367"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"id": "VAR-201405-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68020"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:40:22.018000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68020"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0527"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0527"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "VULHUB",
"id": "VHN-68020"
},
{
"db": "BID",
"id": "67367"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"db": "VULHUB",
"id": "VHN-68020"
},
{
"db": "BID",
"id": "67367"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-13T00:00:00",
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68020"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67367"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"date": "2014-05-14T11:13:05.477000",
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-13T00:00:00",
"db": "ZDI",
"id": "ZDI-14-128"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68020"
},
{
"date": "2014-05-21T00:42:00",
"db": "BID",
"id": "67367"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002487"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-252"
},
{
"date": "2014-05-14T14:52:00.923000",
"db": "NVD",
"id": "CVE-2014-0527"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002487"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-252"
}
],
"trust": 0.6
}
}
var-201102-0071
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition.By the attacker Web Script or HTML May be inserted. Adobe Acrobat and Reader are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46200"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Schoenefeld",
"sources": [
{
"db": "BID",
"id": "46200"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0605",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0605",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-48550",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0605",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-0605",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-132",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48550",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Reader and Acrobat Any code that could be executed or service disruption (DoS) There is a vulnerability that becomes a condition.By the attacker Web Script or HTML May be inserted. Adobe Acrobat and Reader are prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0605"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "BID",
"id": "46200"
},
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0605",
"trust": 2.9
},
{
"db": "BID",
"id": "46200",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65308",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48550",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "BID",
"id": "46200"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"id": "VAR-201102-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48550"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:30:07.020000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46200"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13890"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65308"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0605"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65308"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0605"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "BID",
"id": "46200"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48550"
},
{
"db": "BID",
"id": "46200"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48550"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46200"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"date": "2011-02-10T18:00:59.003000",
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48550"
},
{
"date": "2013-06-20T09:41:00",
"db": "BID",
"id": "46200"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001215"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-132"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0605"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001215"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-132"
}
],
"trust": 0.6
}
}
var-201010-0354
Vulnerability from variot
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. Adobe Flash Contains a vulnerability that allows arbitrary code execution. Adobe Flash Contains a memory corruption vulnerability that could allow arbitrary code execution. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product enables viewing of applications, content and video across screens and browsers.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201101-08
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 21, 2011 Bugs: #336508, #343091 ID: 201101-08
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.1 >= 9.4.1
Description
Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"
References
[ 1 ] APSB10-21 http://www.adobe.com/support/security/bulletins/apsb10-21.html [ 2 ] APSB10-28 http://www.adobe.com/support/security/bulletins/apsb10-28.html [ 3 ] CVE-2010-2883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883 [ 4 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 5 ] CVE-2010-2887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887 [ 6 ] CVE-2010-2889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889 [ 7 ] CVE-2010-2890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890 [ 8 ] CVE-2010-3619 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619 [ 9 ] CVE-2010-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620 [ 10 ] CVE-2010-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621 [ 11 ] CVE-2010-3622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622 [ 12 ] CVE-2010-3625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625 [ 13 ] CVE-2010-3626 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626 [ 14 ] CVE-2010-3627 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627 [ 15 ] CVE-2010-3628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628 [ 16 ] CVE-2010-3629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629 [ 17 ] CVE-2010-3630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630 [ 18 ] CVE-2010-3632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632 [ 19 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 20 ] CVE-2010-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656 [ 21 ] CVE-2010-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657 [ 22 ] CVE-2010-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658 [ 23 ] CVE-2010-4091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201101-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201010-0354",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.92.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.21.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0.79.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.45.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0.29.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0.40.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.52.14.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0.65.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "6.0.47.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.52.15"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.79"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "macromedia",
"version": "5.0_r50"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.95.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 windows edition"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh edition"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.85.3 windows edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "solaris edition"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "adobe flash player 10.1.95.2 android edition"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 windows edition"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh edition"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "unix edition"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375127"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.28"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.391.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.14"
},
{
"model": "flash r50",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.434.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.399.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.365.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.326.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.76"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.40"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.348.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.2460"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.11"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.12"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.82"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.395.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.28"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.13"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.385.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.319.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.445.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.443.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.374.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.417.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.21"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.277.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.71"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.407.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.346.0"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0.79.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.421.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.390.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.289.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.438.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.462.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.12"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.368.0"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.77"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0.47.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.87"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.126"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.393.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.362.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.423.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.323.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.93"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.370.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.380.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.419.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.361.0"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0.29.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.58"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.467.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.435.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.413.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.452.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.379.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.453.1"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.469.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.334.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.280"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.414.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.85"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.328.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.381.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.19"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.394.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.415.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.364.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.349.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.458.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.345.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.325.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.431.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.347.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.412.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.83"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.406.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.416.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.63"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.445.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.409.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.329.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.68"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.315.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.47"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.384.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.69"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.350.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.422.0"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.371.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.411.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.452.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.363.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.367.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.454.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.453.0"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.337.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.96"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.91"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.80"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.441.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.60"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.88"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.343.0"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.440.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.426.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.355.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.327.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.22"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.67"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.65"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.401.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.430.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.11"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.457.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.21"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.29"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.308.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.92"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.401.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.40"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.356.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.341.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.95"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.54"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.338.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.451.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.322.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.398.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.94"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.427.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375125"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.18"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.39"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.336.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.61"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.98"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0.262"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.320.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.17"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.366.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.33"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.339.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.335.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.424.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.465.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37599"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.330.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.79"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.410.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.45"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.38"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.405.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.31"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.49"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.378.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.62"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.8"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.387.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.27"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.97"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.386.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.425.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.372.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.392.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.403.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.72"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.51"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.26"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.2"
},
{
"model": "flash player release candida",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.404.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.332.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0.65.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.73"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.340.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.436.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.373.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.397.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.353.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.89"
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "6.0.40.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.70"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.470.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.461.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.446.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.321.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.357.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.459.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.81"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.333.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.313.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.351.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.471.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.396.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.450.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.415.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.428.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.309.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.32"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.447.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.460.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.344.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.307.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.9"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.25"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.466.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.455.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.38"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.449.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.400.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.369.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.444.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.437.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.358.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.360.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.24"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.456.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.36"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.17"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.53"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "flash",
"scope": "eq",
"trust": 0.3,
"vendor": "macromedia",
"version": "5.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.317.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.74"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.432.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.314.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.105.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.324.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.433.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.408.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.342.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.416.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.52"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.78"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.354.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.316.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.3"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.102.64"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.90"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.464.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0.517.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.418.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.359.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.383.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.376.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.465.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.306.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.375.33"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.37586"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.318.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "BID",
"id": "44504"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:flash_player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe",
"sources": [
{
"db": "BID",
"id": "44504"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
}
],
"trust": 0.9
},
"cve": "CVE-2010-3654",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-3654",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-46259",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-3654",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#298081",
"trust": 0.8,
"value": "43.54"
},
{
"author": "NVD",
"id": "CVE-2010-3654",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201010-426",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-46259",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. Adobe Flash Contains a vulnerability that allows arbitrary code execution. Adobe Flash Contains a memory corruption vulnerability that could allow arbitrary code execution. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product enables viewing of applications, content and video across screens and browsers. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201101-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 21, 2011\n Bugs: #336508, #343091\n ID: 201101-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.1 \u003e= 9.4.1\n\nDescription\n===========\n\nMultiple vulnerabilities were discovered in Adobe Reader. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.1\"\n\nReferences\n==========\n\n [ 1 ] APSB10-21\n http://www.adobe.com/support/security/bulletins/apsb10-21.html\n [ 2 ] APSB10-28\n http://www.adobe.com/support/security/bulletins/apsb10-28.html\n [ 3 ] CVE-2010-2883\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883\n [ 4 ] CVE-2010-2884\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884\n [ 5 ] CVE-2010-2887\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887\n [ 6 ] CVE-2010-2889\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889\n [ 7 ] CVE-2010-2890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890\n [ 8 ] CVE-2010-3619\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619\n [ 9 ] CVE-2010-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620\n [ 10 ] CVE-2010-3621\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621\n [ 11 ] CVE-2010-3622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622\n [ 12 ] CVE-2010-3625\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625\n [ 13 ] CVE-2010-3626\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626\n [ 14 ] CVE-2010-3627\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627\n [ 15 ] CVE-2010-3628\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628\n [ 16 ] CVE-2010-3629\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629\n [ 17 ] CVE-2010-3630\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630\n [ 18 ] CVE-2010-3632\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632\n [ 19 ] CVE-2010-3654\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654\n [ 20 ] CVE-2010-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656\n [ 21 ] CVE-2010-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657\n [ 22 ] CVE-2010-3658\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658\n [ 23 ] CVE-2010-4091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201101-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-3654"
},
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "BID",
"id": "44504"
},
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-46259",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46259"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#298081",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2010-3654",
"trust": 3.0
},
{
"db": "BID",
"id": "44504",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "41917",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2903",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "42030",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0173",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2918",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2906",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-3111",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0344",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0192",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42401",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42183",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42926",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43026",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1024660",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1024659",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8210",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-2810",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2811",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "95444",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100575",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "17187",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16667",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88894",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71175",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-46259",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "BID",
"id": "44504"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"id": "VAR-201010-0354",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-46259"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T20:06:30.194000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSA10-05",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
},
{
"title": "APSB10-26",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"title": "cpsid_88012",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/880/cpsid_88012.html"
},
{
"title": "APSA10-05",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/advisories/apsa10-05.html"
},
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-28.html"
},
{
"title": "cpsid_87720",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/877/cpsid_87720.html"
},
{
"title": "cpsid_87813",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/878/cpsid_87813.html"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "RHSA-2010:0934",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0934.html"
},
{
"title": "RHSA-2010:0829",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0829.html"
},
{
"title": "RHSA-2010:0834",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0834.html"
},
{
"title": "RHSA-2010:0867",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0867.html"
},
{
"title": "multiple_vulnerabilities_in_adobe_flash1",
"trust": 0.8,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"title": "TLSA-2011-2",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 2.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/298081"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/44504"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41917"
},
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"trust": 1.9,
"url": "http://secunia.com/advisories/42030"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2010/2903"
},
{
"trust": 1.7,
"url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
},
{
"trust": 1.4,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13294"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0829.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0834.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0867.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0934.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024659"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024660"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42183"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42401"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42926"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43026"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8210"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"trust": 1.1,
"url": "http://www.turbolinux.co.jp/security/2011/tlsa-2011-2j.txt"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/2918"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0173"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0344"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20101105-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100029.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu298081"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3654"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2810"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2811"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3639"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2181"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2161"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3644"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2215"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4546"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2180"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2164"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2179"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3648"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3976"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2216"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2213"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2184"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2214"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2178"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2165"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2189"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3636"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3641"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3650"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2162"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3640"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2170"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3642"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "BID",
"id": "44504"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#298081"
},
{
"db": "VULHUB",
"id": "VHN-46259"
},
{
"db": "BID",
"id": "44504"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-28T00:00:00",
"db": "CERT/CC",
"id": "VU#298081"
},
{
"date": "2010-10-29T00:00:00",
"db": "VULHUB",
"id": "VHN-46259"
},
{
"date": "2010-10-28T00:00:00",
"db": "BID",
"id": "44504"
},
{
"date": "2010-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"date": "2011-01-21T21:15:05",
"db": "PACKETSTORM",
"id": "97735"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"date": "2010-10-29T19:00:02.060000",
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-17T00:00:00",
"db": "CERT/CC",
"id": "VU#298081"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-46259"
},
{
"date": "2015-03-19T08:46:00",
"db": "BID",
"id": "44504"
},
{
"date": "2011-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002313"
},
{
"date": "2011-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201010-426"
},
{
"date": "2017-09-19T01:31:31.003000",
"db": "NVD",
"id": "CVE-2010-3654"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash code execution vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#298081"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201010-426"
}
],
"trust": 0.6
}
}
var-201510-0367
Vulnerability from variot
The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForReview method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6707",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6707",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6707",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84668",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6707",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6707",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6707",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-220",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84668",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForReview method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84668"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6707",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-483",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3058",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84668",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"id": "VAR-201510-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84668"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58069"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-483"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6707"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6707"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84668"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"date": "2015-10-14T23:59:29.303000",
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84668"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-220"
},
{
"date": "2021-09-08T17:19:32.003000",
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForReview In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
],
"trust": 0.6
}
}
var-201510-0371
Vulnerability from variot
The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DoIdentityDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the DoIdentityDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0371",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6711",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6711",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6711",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84672",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6711",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6711",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6711",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-224",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84672",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "VULHUB",
"id": "VHN-84672"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DoIdentityDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the DoIdentityDialog method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6711"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84672"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6711",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-485",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3060",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84672",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "VULHUB",
"id": "VHN-84672"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"id": "VAR-201510-0371",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84672"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.444000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58073"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84672"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-485"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6711"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6711"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "VULHUB",
"id": "VHN-84672"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"db": "VULHUB",
"id": "VHN-84672"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84672"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"date": "2015-10-14T23:59:33.177000",
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-485"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84672"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005268"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-224"
},
{
"date": "2021-09-08T17:19:32.120000",
"db": "NVD",
"id": "CVE-2015-6711"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of DoIdentityDialog In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005268"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-224"
}
],
"trust": 0.6
}
}
var-201510-0043
Vulnerability from variot
The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBAutoConfigCommentRepository method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBAutoConfigCommentRepository method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7618",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7618",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7618",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85579",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7618",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7618",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7618",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-243",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85579",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "VULHUB",
"id": "VHN-85579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBAutoConfigCommentRepository method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBAutoConfigCommentRepository method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7618"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85579"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7618",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-498",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3082",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85579",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "VULHUB",
"id": "VHN-85579"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"id": "VAR-201510-0043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85579"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.702000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58092"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85579"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-498"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7618"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7618"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "VULHUB",
"id": "VHN-85579"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"db": "VULHUB",
"id": "VHN-85579"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85579"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"date": "2015-10-14T23:59:51.980000",
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-498"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-85579"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005284"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-243"
},
{
"date": "2021-09-08T17:19:32.573000",
"db": "NVD",
"id": "CVE-2015-7618"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of CBAutoConfigCommentRepository In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-243"
}
],
"trust": 0.6
}
}
var-201510-0373
Vulnerability from variot
The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the call method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the function call implementation of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0373",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WanderingGlitch of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6713",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6713",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.7,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6713",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84674",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6713",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6713",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6713",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-226",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84674",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "VULHUB",
"id": "VHN-84674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the call method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. There are security vulnerabilities in the function call implementation of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6713"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84674"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6713",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-489",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3065",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84674",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "VULHUB",
"id": "VHN-84674"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"id": "VAR-201510-0373",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84674"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.417000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58075"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84674"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-489"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6713"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6713"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "VULHUB",
"id": "VHN-84674"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"db": "VULHUB",
"id": "VHN-84674"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84674"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"date": "2015-10-14T23:59:35.210000",
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-489"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84674"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005270"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-226"
},
{
"date": "2021-09-08T17:19:32.167000",
"db": "NVD",
"id": "CVE-2015-6713"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of Function call In the implementation of JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005270"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-226"
}
],
"trust": 0.6
}
}
var-201004-0130
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. NOTE: This BID is being retired; the following individual records have been created to document these vulnerabilities: 39515 Adobe Acrobat and Reader CVE-2010-0190 Cross Site Scripting Vulnerability 39517 Adobe Acrobat and Reader Prefix Protocol Handler Remote Code Execution Vulnerability 39523 Adobe Acrobat and Reader CVE-2010-0192 Denial of Service Vulnerability 39524 Adobe Acrobat and Reader CVE-2010-0193 Denial of Service Vulnerability 39521 Adobe Acrobat and Reader CVE-2010-0196 Denial of Service Vulnerability 39518 Adobe Acrobat and Reader CVE-2010-0197 Remote Code Execution Vulnerability 39505 Adobe Acrobat and Reader PNG Data Remote Buffer Overflow Vulnerability 39511 Adobe Acrobat and Reader JPEG Data Remote Buffer Overflow Vulnerability 39520 Adobe Acrobat and Reader CVE-2010-0201 Remote Code Execution Vulnerability 39514 Adobe Acrobat and Reader GIF Data Remote Buffer Overflow Vulnerability 39507 Adobe Acrobat and Reader BMP Data Remote Buffer Overflow Vulnerability 39522 Adobe Acrobat and Reader CVE-2010-0204 Remote Code Execution Vulnerability 39470 Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability 39469 Adobe Acrobat and Reader CVE-2010-0194 X3D Component Remote Code Execution Vulnerability 39417 Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0130",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios, Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0190",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0190",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-42795",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0190",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0190",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-243",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-42795",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Adobe released an advisory addressing multiple issues in Reader and Acrobat. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \nNOTE: This BID is being retired; the following individual records have been created to document these vulnerabilities:\n39515 Adobe Acrobat and Reader CVE-2010-0190 Cross Site Scripting Vulnerability\n39517 Adobe Acrobat and Reader Prefix Protocol Handler Remote Code Execution Vulnerability\n39523 Adobe Acrobat and Reader CVE-2010-0192 Denial of Service Vulnerability\n39524 Adobe Acrobat and Reader CVE-2010-0193 Denial of Service Vulnerability\n39521 Adobe Acrobat and Reader CVE-2010-0196 Denial of Service Vulnerability\n39518 Adobe Acrobat and Reader CVE-2010-0197 Remote Code Execution Vulnerability\n39505 Adobe Acrobat and Reader PNG Data Remote Buffer Overflow Vulnerability\n39511 Adobe Acrobat and Reader JPEG Data Remote Buffer Overflow Vulnerability\n39520 Adobe Acrobat and Reader CVE-2010-0201 Remote Code Execution Vulnerability\n39514 Adobe Acrobat and Reader GIF Data Remote Buffer Overflow Vulnerability\n39507 Adobe Acrobat and Reader BMP Data Remote Buffer Overflow Vulnerability\n39522 Adobe Acrobat and Reader CVE-2010-0204 Remote Code Execution Vulnerability\n39470 Adobe Acrobat and Reader CVE-2010-1241 \u0027CoolType.dll\u0027 Remote Code Execution Vulnerability\n39469 Adobe Acrobat and Reader CVE-2010-0194 X3D Component Remote Code Execution Vulnerability\n39417 Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0190"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0190",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39515",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42795",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"id": "VAR-201004-0130",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42795"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:21:14.802000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Adobe Reader 9.3.2 update (Intel) - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4092"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4096"
},
{
"title": "Adobe Acrobat 9.3.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4100"
},
{
"title": "Adobe Reader 9.3.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4091"
},
{
"title": "Adobe Reader 8.1.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=4095"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6986"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0190"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39515"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42795"
},
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42795"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39515"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"date": "2010-04-14T16:00:00.663000",
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42795"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39515"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001346"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-243"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0190"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39515"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001346"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-243"
}
],
"trust": 0.6
}
}
var-201601-0031
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.Crafted by attackers FileAttachment Arbitrary code can be executed via an annotation or denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of FileAttachment annotations. By setting the point attribute to a specific array, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0931",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0931",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88441",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0931",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0931",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0931",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0931",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-232",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88441",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "VULHUB",
"id": "VHN-88441"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. This vulnerability CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , CVE-2016-0945 ,and CVE-2016-0946 Is a different vulnerability.Crafted by attackers FileAttachment Arbitrary code can be executed via an annotation or denial of service ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of FileAttachment annotations. By setting the point attribute to a specific array, an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0931"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88441"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0931",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3021",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88441",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "VULHUB",
"id": "VHN-88441"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"id": "VAR-201601-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88441"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.715000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59579"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88441"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-009"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0931"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0931"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "VULHUB",
"id": "VHN-88441"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"db": "VULHUB",
"id": "VHN-88441"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88441"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"date": "2016-01-14T05:59:00.080000",
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-009"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88441"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001033"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-232"
},
{
"date": "2016-12-07T23:43:35.190000",
"db": "NVD",
"id": "CVE-2016-0931"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001033"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-232"
}
],
"trust": 0.6
}
}
var-201608-0299
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269. This vulnerability CVE-2016-4191 , CVE-2016-4192 , CVE-2016-4193 , CVE-2016-4194 , CVE-2016-4195 , CVE-2016-4196 , CVE-2016-4197 , CVE-2016-4198 , CVE-2016-4199 , CVE-2016-4200 , CVE-2016-4201 , CVE-2016-4202 , CVE-2016-4203 , CVE-2016-4204 , CVE-2016-4205 , CVE-2016-4206 , CVE-2016-4207 , CVE-2016-4208 , CVE-2016-4211 , CVE-2016-4212 , CVE-2016-4213 , CVE-2016-4214 , CVE-2016-4250 , CVE-2016-4251 , CVE-2016-4252 , CVE-2016-4254 , CVE-2016-4265 , CVE-2016-4266 , CVE-2016-4267 , CVE-2016-4268 ,and CVE-2016-4269 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Font streams. A crafted Font stream can trigger a read past the end of an allocated buffer. Adobe Reader and Acrobat are prone to an memory-corruption vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30174"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.016.20045"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30198 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.017.20050 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.17 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "mac os x",
"scope": null,
"trust": 0.6,
"vendor": "apple",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30097"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20059"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20045"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.9.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.17.20050"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30198"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.6"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.010.20056"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.05"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30174"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30172"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.10.20060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.17"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.6.30121"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "15.16.20039"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kdot",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
}
],
"trust": 1.6
},
"cve": "CVE-2016-4270",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4270",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4270",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-93089",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4270",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4270",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-4270",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2016-4270",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-477",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-93089",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "VULHUB",
"id": "VHN-93089"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269. This vulnerability CVE-2016-4191 , CVE-2016-4192 , CVE-2016-4193 , CVE-2016-4194 , CVE-2016-4195 , CVE-2016-4196 , CVE-2016-4197 , CVE-2016-4198 , CVE-2016-4199 , CVE-2016-4200 , CVE-2016-4201 , CVE-2016-4202 , CVE-2016-4203 , CVE-2016-4204 , CVE-2016-4205 , CVE-2016-4206 , CVE-2016-4207 , CVE-2016-4208 , CVE-2016-4211 , CVE-2016-4212 , CVE-2016-4213 , CVE-2016-4214 , CVE-2016-4250 , CVE-2016-4251 , CVE-2016-4252 , CVE-2016-4254 , CVE-2016-4265 , CVE-2016-4266 , CVE-2016-4267 , CVE-2016-4268 ,and CVE-2016-4269 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Font streams. A crafted Font stream can trigger a read past the end of an allocated buffer. Adobe Reader and Acrobat are prone to an memory-corruption vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4270"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "VULHUB",
"id": "VHN-93089"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4270",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-493",
"trust": 2.1
},
{
"db": "BID",
"id": "92635",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3817",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93089",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "VULHUB",
"id": "VHN-93089"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"id": "VAR-201608-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93089"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:03:14.586000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-26",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"title": "APSB16-26",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-26.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160714.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63796"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93089"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/92635"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-493"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4270"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20160713-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160030.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4270"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18716"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-493/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "VULHUB",
"id": "VHN-93089"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"db": "VULHUB",
"id": "VHN-93089"
},
{
"db": "BID",
"id": "92635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-24T00:00:00",
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"date": "2016-08-26T00:00:00",
"db": "VULHUB",
"id": "VHN-93089"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92635"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"date": "2016-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"date": "2016-08-26T19:59:06.867000",
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-24T00:00:00",
"db": "ZDI",
"id": "ZDI-16-493"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-93089"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92635"
},
{
"date": "2016-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004469"
},
{
"date": "2016-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-477"
},
{
"date": "2016-11-28T20:17:08.927000",
"db": "NVD",
"id": "CVE-2016-4270"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004469"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-477"
}
],
"trust": 0.6
}
}
var-201004-0124
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. This vulnerability CVE-2010-0197 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.A third party may execute arbitrary code. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL.The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. Later the application will begin to copy data into the calculated pointer corrupting the referenced data structure. Successful exploitation will lead to code execution under the context of the application. Failed exploit attempts will result in a denial-of-service condition. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh NOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb10-09.html
-- Disclosure Timeline: 2010-02-18 - Vulnerability reported to vendor 2010-04-13 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0124",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "BID",
"id": "39417"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An anonymous source via TippingPoint\u0027s Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "39417"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
}
],
"trust": 0.9
},
"cve": "CVE-2010-0195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0195",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2010-0195",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42800",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0195",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0195",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2010-0195",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-248",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42800",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-0195",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. This vulnerability CVE-2010-0197 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.A third party may execute arbitrary code. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL.The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. Later the application will begin to copy data into the calculated pointer corrupting the referenced data structure. Successful exploitation will lead to code execution under the context of the application. Failed exploit attempts will result in a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\n\n-- Disclosure Timeline:\n2010-02-18 - Vulnerability reported to vendor\n2010-04-13 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "BID",
"id": "39417"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88333"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42800",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42800"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0195",
"trust": 3.8
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.6
},
{
"db": "BID",
"id": "39329",
"trust": 2.1
},
{
"db": "BID",
"id": "39417",
"trust": 1.2
},
{
"db": "ZDI",
"id": "ZDI-10-071",
"trust": 1.1
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-696",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88333",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42800",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "BID",
"id": "39417"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88333"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"id": "VAR-201004-0124",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42800"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:13:46.216000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100349 - Security Advisory"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7420"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0195"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39417"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-071/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0349"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-071"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "BID",
"id": "39417"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88333"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"db": "VULHUB",
"id": "VHN-42800"
},
{
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"db": "BID",
"id": "39417"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "88333"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42800"
},
{
"date": "2010-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39417"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-04-14T06:44:43",
"db": "PACKETSTORM",
"id": "88333"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"date": "2010-04-14T16:00:00.820000",
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "ZDI",
"id": "ZDI-10-071"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42800"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0195"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39417"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001351"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-248"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "88333"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001351"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-248"
}
],
"trust": 0.6
}
}
var-201505-0284
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3059. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3055 ,and CVE-2015-3059 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0284",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri, Brian Gorenc and bilou working with HP Zero Day Initiative, and anonymous from Beyond Security\u0027s SecuriTeam Secure Disclosure.",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3075",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3075",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3075",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3075",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-188",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81036",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81036"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3059. This vulnerability CVE-2015-3053 , CVE-2015-3054 , CVE-2015-3055 ,and CVE-2015-3059 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3075"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "VULHUB",
"id": "VHN-81036"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3075",
"trust": 2.8
},
{
"db": "BID",
"id": "74602",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81036",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81036"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"id": "VAR-201505-0284",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81036"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.929000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81036"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74602"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3075"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3075"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81036"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81036"
},
{
"db": "BID",
"id": "74602"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81036"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"date": "2015-05-13T11:00:08.923000",
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81036"
},
{
"date": "2015-05-15T00:10:00",
"db": "BID",
"id": "74602"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002653"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-188"
},
{
"date": "2017-01-05T20:12:19.420000",
"db": "NVD",
"id": "CVE-2015-3075"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-188"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002653"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74602"
}
],
"trust": 0.3
}
}
var-201102-0031
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565. This vulnerability CVE-2011-0565 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected application to crash. Arbitrary code execution may be possible; this has not been confirmed. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46207"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brett Gervasoni of Sense of Security",
"sources": [
{
"db": "BID",
"id": "46207"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0585",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0585",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48530",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0585",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0585",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-150",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48530",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48530"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565. This vulnerability CVE-2011-0565 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected application to crash. Arbitrary code execution may be possible; this has not been confirmed. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0585"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "BID",
"id": "46207"
},
{
"db": "VULHUB",
"id": "VHN-48530"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0585",
"trust": 2.9
},
{
"db": "BID",
"id": "46207",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65290",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48530",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48530"
},
{
"db": "BID",
"id": "46207"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"id": "VAR-201102-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48530"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:30:46.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46207"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12193"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65290"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0585"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65290"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0585"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48530"
},
{
"db": "BID",
"id": "46207"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48530"
},
{
"db": "BID",
"id": "46207"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48530"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46207"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"date": "2011-02-10T18:00:58.207000",
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48530"
},
{
"date": "2015-03-19T09:45:00",
"db": "BID",
"id": "46207"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001197"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-150"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0585"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001197"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-150"
}
],
"trust": 0.6
}
}
var-201510-0360
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers WillSave document An arbitrary code may be executed through an action. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the WillSave document action. A specially crafted WillSave document action can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0360",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6689",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6689",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6689",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84650",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6689",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6689",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6689",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-202",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84650",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "VULHUB",
"id": "VHN-84650"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers WillSave document An arbitrary code may be executed through an action. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the WillSave document action. A specially crafted WillSave document action can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6689"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84650"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6689",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2998",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84650",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "VULHUB",
"id": "VHN-84650"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"id": "VAR-201510-0360",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84650"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.603000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58051"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84650"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6689"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6689"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "VULHUB",
"id": "VHN-84650"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"db": "VULHUB",
"id": "VHN-84650"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84650"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"date": "2015-10-14T23:59:11.017000",
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-470"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84650"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005246"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-202"
},
{
"date": "2021-09-08T17:19:31.597000",
"db": "NVD",
"id": "CVE-2015-6689"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005246"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-202"
}
],
"trust": 0.6
}
}
var-201412-0501
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0501",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71574"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jack Tang of Trend Micro",
"sources": [
{
"db": "BID",
"id": "71574"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8447",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8447",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76392",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8447",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8447",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-223",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76392",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76392"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8447"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "BID",
"id": "71574"
},
{
"db": "VULHUB",
"id": "VHN-76392"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8447",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223",
"trust": 0.7
},
{
"db": "BID",
"id": "71574",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76392",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76392"
},
{
"db": "BID",
"id": "71574"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"id": "VAR-201412-0501",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76392"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:44:44.610000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76392"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8447"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8447"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat.html"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76392"
},
{
"db": "BID",
"id": "71574"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76392"
},
{
"db": "BID",
"id": "71574"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76392"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71574"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"date": "2014-12-10T21:59:20.023000",
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76392"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71574"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005923"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-223"
},
{
"date": "2014-12-12T01:18:22.887000",
"db": "NVD",
"id": "CVE-2014-8447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005923"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-223"
}
],
"trust": 0.6
}
}
var-201006-1222
Vulnerability from variot
Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it.
====================================================================== 2) Severity
Rating: Highly critical Impact: System access Where: From remote
====================================================================== 3) Vendor's Description of Software
"Adobe Reader software is the global standard for electronic document sharing.
The vulnerability is caused by an array-indexing error in AcroForm.api when parsing GIF image data. This can be exploited to bypass a size check to cause a heap-based buffer overflow when a specially crafted PDF file is opened.
====================================================================== 5) Solution
Update to version 8.2.3 or 9.3.3.
====================================================================== 6) Time Table
14/05/2010 - Vendor notified. 18/05/2010 - Vendor response. 24/06/2010 - Vendor provides status update. 29/06/2010 - Fixed versions issued. 30/06/2010 - Public disclosure.
====================================================================== 7) Credits
Discovered by Carsten Eiram, Secunia Research.
====================================================================== 8) References
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2010-2206 for the vulnerability.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2010-88/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
====================================================================== . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carsten Eiram of Secunia Research",
"sources": [
{
"db": "BID",
"id": "41241"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2206",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2206",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44811",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2206",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2206",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-484",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44811",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-2206",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System access\nWhere: From remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"Adobe Reader software is the global standard for electronic document \nsharing. \n\nThe vulnerability is caused by an array-indexing error in AcroForm.api\nwhen parsing GIF image data. This can be exploited to bypass a size \ncheck to cause a heap-based buffer overflow when a specially crafted \nPDF file is opened. \n\n====================================================================== \n5) Solution \n\nUpdate to version 8.2.3 or 9.3.3. \n\n====================================================================== \n6) Time Table \n\n14/05/2010 - Vendor notified. \n18/05/2010 - Vendor response. \n24/06/2010 - Vendor provides status update. \n29/06/2010 - Fixed versions issued. \n30/06/2010 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n8) References\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\nCVE-2010-2206 for the vulnerability. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2010-88/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2206"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "BID",
"id": "41241"
},
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "PACKETSTORM",
"id": "91336"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
}
],
"trust": 3.15
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44811",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44811"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2206",
"trust": 3.1
},
{
"db": "BID",
"id": "41241",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "91336",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-44811",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2206",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "BID",
"id": "41241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "PACKETSTORM",
"id": "91336"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"id": "VAR-201006-1222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44811"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T19:52:13.566000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/41241"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/secunia_research/2010-88/"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7200"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2206"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/512092"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2206"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/products/reader/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "BID",
"id": "41241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "PACKETSTORM",
"id": "91336"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44811"
},
{
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"db": "BID",
"id": "41241"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"db": "PACKETSTORM",
"id": "91336"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44811"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41241"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"date": "2010-07-01T04:31:50",
"db": "PACKETSTORM",
"id": "91336"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"date": "2010-06-30T18:30:01.660000",
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44811"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2206"
},
{
"date": "2010-09-07T21:52:00",
"db": "BID",
"id": "41241"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001712"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-484"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2206"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-484"
}
],
"trust": 0.6
}
}
var-201510-0346
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of color objects in light objects. The RGB values returned from a newly created light object can disclose the heap address of a color object. An attacker can use this information in conjunction with other vulnerabilities to execute code in the context of the process. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0346",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6697",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6697",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6697",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84658",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6697",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6697",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6697",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-210",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84658",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "VULHUB",
"id": "VHN-84658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object\u0027s RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of color objects in light objects. The RGB values returned from a newly created light object can disclose the heap address of a color object. An attacker can use this information in conjunction with other vulnerabilities to execute code in the context of the process. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6697"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84658"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6697",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3036",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "BID",
"id": "77067",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84658",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "VULHUB",
"id": "VHN-84658"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"id": "VAR-201510-0346",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84658"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.455000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58059"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84658"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6697"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6697"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "VULHUB",
"id": "VHN-84658"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"db": "VULHUB",
"id": "VHN-84658"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84658"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"date": "2015-10-14T23:59:19.300000",
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-475"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84658"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005254"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-210"
},
{
"date": "2021-09-08T17:19:31.773000",
"db": "NVD",
"id": "CVE-2015-6697"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability in obtaining important information about color objects from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005254"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-210"
}
],
"trust": 0.6
}
}
var-201601-0601
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0937 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0601",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HPE\u0027s Zero Day Initiative, kdot, working with HPE\u0027s Zero Day Initiative, Behzad Najjarpour Jabbari, Secunia Research at Flexera Software and AbdulAziz Hariri and Jasiel Spelman of HPE\u0027s Zero Day Initiative.",
"sources": [
{
"db": "BID",
"id": "80358"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0940",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88450",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0940",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0940",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0940",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-240",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88450",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88450"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941. This vulnerability CVE-2016-0932 , CVE-2016-0934 , CVE-2016-0937 ,and CVE-2016-0941 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0940"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "VULHUB",
"id": "VHN-88450"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0940",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-011",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-008",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-016",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-010",
"trust": 0.3
},
{
"db": "BID",
"id": "80358",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88450",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88450"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"id": "VAR-201601-0601",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88450"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.929000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59587"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0940"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0940"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-008/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-010/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-011/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-016/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88450"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88450"
},
{
"db": "BID",
"id": "80358"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88450"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"date": "2016-01-14T05:59:09.280000",
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88450"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80358"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001042"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-240"
},
{
"date": "2016-12-07T23:42:09.977000",
"db": "NVD",
"id": "CVE-2016-0940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001042"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-240"
}
],
"trust": 0.6
}
}
var-201412-0397
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455. This vulnerability CVE-2014-8454 and CVE-2014-8455 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71575"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University.",
"sources": [
{
"db": "BID",
"id": "71575"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9165",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9165",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-77110",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9165",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9165",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-242",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-77110",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77110"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455. This vulnerability CVE-2014-8454 and CVE-2014-8455 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9165"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "BID",
"id": "71575"
},
{
"db": "VULHUB",
"id": "VHN-77110"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9165",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242",
"trust": 0.7
},
{
"db": "BID",
"id": "71575",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-77110",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77110"
},
{
"db": "BID",
"id": "71575"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"id": "VAR-201412-0397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77110"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:24:09.059000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9165"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9165"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77110"
},
{
"db": "BID",
"id": "71575"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77110"
},
{
"db": "BID",
"id": "71575"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-77110"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71575"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"date": "2014-12-10T21:59:37.040000",
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-77110"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71575"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005939"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-242"
},
{
"date": "2014-12-12T01:45:28.383000",
"db": "NVD",
"id": "CVE-2014-9165"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005939"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-242"
}
],
"trust": 0.6
}
}
var-201409-0436
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567. This vulnerability is CVE-2014-0567 This is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the 3DIF Plugin (3difr.x3d). Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0436",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "BID",
"id": "69821"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tom Ferris - Security-Protocols.com",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0561",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0561",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68054",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0561",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0561",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2014-0561",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-580",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68054",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "VULHUB",
"id": "VHN-68054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567. This vulnerability is CVE-2014-0567 This is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the 3DIF Plugin (3difr.x3d). Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0561"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "BID",
"id": "69821"
},
{
"db": "VULHUB",
"id": "VHN-68054"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0561",
"trust": 3.5
},
{
"db": "BID",
"id": "69821",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2300",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-324",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68054",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "VULHUB",
"id": "VHN-68054"
},
{
"db": "BID",
"id": "69821"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"id": "VAR-201409-0436",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68054"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:51.681000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "Adobe has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://t.info.adobesystems.com//r/?id=t35c7e2bc,808fe4f,83a379a"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68054"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69821"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95996"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0561"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0561"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.7,
"url": "http://t.info.adobesystems.com//r/?id=t35c7e2bc,808fe4f,83a379a"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "VULHUB",
"id": "VHN-68054"
},
{
"db": "BID",
"id": "69821"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"db": "VULHUB",
"id": "VHN-68054"
},
{
"db": "BID",
"id": "69821"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68054"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69821"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"date": "2014-09-17T10:55:06.653000",
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-14-324"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68054"
},
{
"date": "2014-09-17T17:48:00",
"db": "BID",
"id": "69821"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004240"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-580"
},
{
"date": "2017-08-29T01:34:12.467000",
"db": "NVD",
"id": "CVE-2014-0561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to heap-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-580"
}
],
"trust": 0.6
}
}
var-201102-0024
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected application to crash. Arbitrary code execution may be possible; this has not been confirmed. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 for Apple Mac OS X are affected. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) An unspecified error related to library loading can be exploited to execute arbitrary code.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
8) An unspecified error related to library loading can be exploited to execute arbitrary code.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
12) An unspecified error related to library loading can be exploited to execute arbitrary code.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46206"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk",
"sources": [
{
"db": "BID",
"id": "46206"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0568",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0568",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-48513",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0568",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-0568",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-152",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48513",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48513"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected application to crash. Arbitrary code execution may be possible; this has not been confirmed. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 for Apple Mac OS X are affected. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n1) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n8) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n12) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0568"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "BID",
"id": "46206"
},
{
"db": "VULHUB",
"id": "VHN-48513"
},
{
"db": "PACKETSTORM",
"id": "98320"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0568",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "BID",
"id": "46206",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48513",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48513"
},
{
"db": "BID",
"id": "46206"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"id": "VAR-201102-0024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48513"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:59:06.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14024"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0568"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0568"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/46206"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48513"
},
{
"db": "BID",
"id": "46206"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48513"
},
{
"db": "BID",
"id": "46206"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48513"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46206"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"date": "2011-02-10T18:00:58.113000",
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48513"
},
{
"date": "2013-06-20T09:37:00",
"db": "BID",
"id": "46206"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001195"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-152"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0568"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001195"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-152"
}
],
"trust": 0.6
}
}
var-201510-0049
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-6706. This vulnerability CVE-2015-5583 , CVE-2015-6705 ,and CVE-2015-6706 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlAn attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Brewer, Alex Inf\u00fchr of Cure53.de, AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "77070"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7624",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7624",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85585",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7624",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7624",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-249",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85585",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85585"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-6706. This vulnerability CVE-2015-5583 , CVE-2015-6705 ,and CVE-2015-6706 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlAn attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7624"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "VULHUB",
"id": "VHN-85585"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7624",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249",
"trust": 0.7
},
{
"db": "BID",
"id": "77070",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85585",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85585"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"id": "VAR-201510-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85585"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.821000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58098"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
},
{
"problemtype": "CWE-284",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85585"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7624"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7624"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85585"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-85585"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85585"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"date": "2015-10-14T23:59:57.887000",
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85585"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005300"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-249"
},
{
"date": "2021-09-08T17:19:32.700000",
"db": "NVD",
"id": "CVE-2015-7624"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005300"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-249"
}
],
"trust": 0.6
}
}
var-201510-0356
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fields, a different vulnerability than CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of fields. A specially crafted PDF with specific fields with the Format action can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0356",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6685",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6685",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6685",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84646",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6685",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6685",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6685",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-198",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84646",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "VULHUB",
"id": "VHN-84646"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fields, a different vulnerability than CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the handling of fields. A specially crafted PDF with specific fields with the Format action can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6685"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-84646"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6685",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2816",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84646",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "VULHUB",
"id": "VHN-84646"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"id": "VAR-201510-0356",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84646"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.640000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58047"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84646"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6685"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6685"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "VULHUB",
"id": "VHN-84646"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"db": "VULHUB",
"id": "VHN-84646"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84646"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"date": "2015-10-14T23:59:06.530000",
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-467"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84646"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005242"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-198"
},
{
"date": "2021-09-08T17:19:31.477000",
"db": "NVD",
"id": "CVE-2015-6685"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005242"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-198"
}
],
"trust": 0.6
}
}
var-201505-0302
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0302",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3050",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3050",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81011",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3050",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3050",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-163",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81011",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-3050",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3050"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "VULMON",
"id": "CVE-2015-3050"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3050",
"trust": 2.9
},
{
"db": "BID",
"id": "74600",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81011",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3050",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"id": "VAR-201505-0302",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81011"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.155000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "Debian CVElist Bug Report Logs: apache-directory-api: CVE-2015-3250",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=3e18fe2f114e763369218926ea3734ed"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3050"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3050"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39065"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81011"
},
{
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81011"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"date": "2015-05-13T10:59:46.840000",
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81011"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3050"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002628"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-163"
},
{
"date": "2017-01-03T19:58:21.070000",
"db": "NVD",
"id": "CVE-2015-3050"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-163"
}
],
"trust": 0.6
}
}
var-201004-0133
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196. This vulnerability CVE-2010-0192 and CVE-2010-0196 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may also be possible but this has not been confirmed. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh Note: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0133",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0193",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42798",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0193",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0193",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-246",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42798",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42798"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196. This vulnerability CVE-2010-0192 and CVE-2010-0196 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may also be possible but this has not been confirmed. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNote: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0193"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42798"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0193",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "XF",
"id": "57701",
"trust": 1.4
},
{
"db": "BID",
"id": "39524",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42798",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42798"
},
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"id": "VAR-201004-0133",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42798"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:10:14.106000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/57701"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7352"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57701"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0193"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39524"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42798"
},
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42798"
},
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42798"
},
{
"date": "2010-04-16T00:00:00",
"db": "BID",
"id": "39524"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"date": "2010-04-14T16:00:00.757000",
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42798"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39524"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001349"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-246"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001349"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39524"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201009-0241
Vulnerability from variot
Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Adobe Flash Contains a vulnerability. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. Failed attacks may cause denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201101-08
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 21, 2011 Bugs: #336508, #343091 ID: 201101-08
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code.
Background
Adobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.1 >= 9.4.1
Description
Multiple vulnerabilities were discovered in Adobe Reader. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.1"
References
[ 1 ] APSB10-21 http://www.adobe.com/support/security/bulletins/apsb10-21.html [ 2 ] APSB10-28 http://www.adobe.com/support/security/bulletins/apsb10-28.html [ 3 ] CVE-2010-2883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883 [ 4 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 5 ] CVE-2010-2887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887 [ 6 ] CVE-2010-2889 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889 [ 7 ] CVE-2010-2890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890 [ 8 ] CVE-2010-3619 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619 [ 9 ] CVE-2010-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620 [ 10 ] CVE-2010-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621 [ 11 ] CVE-2010-3622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622 [ 12 ] CVE-2010-3625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625 [ 13 ] CVE-2010-3626 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626 [ 14 ] CVE-2010-3627 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627 [ 15 ] CVE-2010-3628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628 [ 16 ] CVE-2010-3629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629 [ 17 ] CVE-2010-3630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630 [ 18 ] CVE-2010-3632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632 [ 19 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 20 ] CVE-2010-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656 [ 21 ] CVE-2010-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657 [ 22 ] CVE-2010-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658 [ 23 ] CVE-2010-4091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201101-08.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201009-0241",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.32.18"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.12.36"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.22.87"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.15.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.42.34"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.246.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.114.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.12.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.112.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.18d60"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.47.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.39.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.16"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.260.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.125.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.42.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.151.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.70.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.125.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.34.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.152.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.31"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.0.584"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.115.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.35.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.24.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.63"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.22.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.48.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.45.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0.33.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.124.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.159.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.20"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.69.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.25"
},
{
"model": "flash player",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0.28.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "flash player",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.82.76 windows edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "linux edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "solaris edition"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "10.1.92.10 android edition"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.12.35"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.397.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.391.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.398.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.95.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.51.66"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.47255"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.381.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.394.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.396.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.395.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "air",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.385.0"
},
{
"model": "linux enterprise desktop sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.59"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.384.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3218"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.53.64"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.390.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.378.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "opensuse",
"scope": "ne",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.82.76"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "flash player",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.85.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.452"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.387.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.393.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.382.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "moblin",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.386.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "linux enterprise desktop sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.392.0"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.380.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.472.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.383.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.376.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.92.10"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.379.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:flash_player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Adair of the Shadowserver Foundation",
"sources": [
{
"db": "BID",
"id": "43205"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2884",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2884",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-45489",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2884",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#275289",
"trust": 0.8,
"value": "31.59"
},
{
"author": "NVD",
"id": "CVE-2010-2884",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201009-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45489",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Adobe Flash Contains a vulnerability. Attack activity using this vulnerability has been confirmed.Crafted Flash By browsing a document with embedded content, arbitrary code may be executed. Failed attacks may cause denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201101-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 21, 2011\n Bugs: #336508, #343091\n ID: 201101-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code. \n\nBackground\n==========\n\nAdobe Reader (formerly Adobe Acrobat Reader) is a closed-source PDF\nreader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.1 \u003e= 9.4.1\n\nDescription\n===========\n\nMultiple vulnerabilities were discovered in Adobe Reader. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.1\"\n\nReferences\n==========\n\n [ 1 ] APSB10-21\n http://www.adobe.com/support/security/bulletins/apsb10-21.html\n [ 2 ] APSB10-28\n http://www.adobe.com/support/security/bulletins/apsb10-28.html\n [ 3 ] CVE-2010-2883\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883\n [ 4 ] CVE-2010-2884\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884\n [ 5 ] CVE-2010-2887\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2887\n [ 6 ] CVE-2010-2889\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2889\n [ 7 ] CVE-2010-2890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2890\n [ 8 ] CVE-2010-3619\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3619\n [ 9 ] CVE-2010-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3620\n [ 10 ] CVE-2010-3621\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3621\n [ 11 ] CVE-2010-3622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3622\n [ 12 ] CVE-2010-3625\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3625\n [ 13 ] CVE-2010-3626\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3626\n [ 14 ] CVE-2010-3627\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3627\n [ 15 ] CVE-2010-3628\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3628\n [ 16 ] CVE-2010-3629\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3629\n [ 17 ] CVE-2010-3630\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3630\n [ 18 ] CVE-2010-3632\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3632\n [ 19 ] CVE-2010-3654\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654\n [ 20 ] CVE-2010-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3656\n [ 21 ] CVE-2010-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3657\n [ 22 ] CVE-2010-3658\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3658\n [ 23 ] CVE-2010-4091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4091\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201101-08.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2884"
},
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#275289",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2010-2884",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "41435",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "41443",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "41434",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2348",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-2349",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA10-279A",
"trust": 1.9
},
{
"db": "USCERT",
"id": "TA10-263A",
"trust": 1.9
},
{
"db": "XF",
"id": "61771",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "41526",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43026",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0192",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.1
},
{
"db": "USCERT",
"id": "SA10-263A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-279A",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2573",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136",
"trust": 0.7
},
{
"db": "BID",
"id": "43205",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-45489",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"id": "VAR-201009-0241",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-45489"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T20:30:49.056000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSA10-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-03.html"
},
{
"title": "APSB10-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-22.html"
},
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"title": "cpsid_86695",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/866/cpsid_86695.html"
},
{
"title": "APSB10-21",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-21.html"
},
{
"title": "cpsid_86922",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/869/cpsid_86922.html"
},
{
"title": "APSB10-22",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-22.html"
},
{
"title": "APSA10-03",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/advisories/apsa10-03.html"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "RHSA-2010:0743",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0743.html"
},
{
"title": "RHSA-2010:0706",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0706.html"
},
{
"title": "cve_2010_2884_vulnerability_in",
"trust": 0.8,
"url": "http://blogs.sun.com/security/entry/cve_2010_2884_vulnerability_in"
},
{
"title": "TA10-279A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-279a.html"
},
{
"title": "TA10-263A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-263a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-03.html"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41434"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41435"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/41443"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/2348"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/2349"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/275289"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-263a.html"
},
{
"trust": 1.9,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-279a.html"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 1.6,
"url": "http://blogs.adobe.com/psirt/2010/09/security-advisory-for-adobe-flash-player-apsa10-03.html"
},
{
"trust": 1.6,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-22.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/61771"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6852"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0706.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0743.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/41526"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43026"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61771"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100921-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20101006-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100024.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100026.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu275289"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-25"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-279a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-263a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2884"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-279a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-263a.html"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/2573"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/cve_2010_2884_vulnerability_in"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3639"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2181"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2161"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3644"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2215"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2162"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4546"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4546"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2180"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2171"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2164"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2179"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3648"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2165"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3976"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2216"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2173"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2172"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3793"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2213"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2184"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2169"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2214"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2178"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2165"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2189"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3636"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2166"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3641"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2174"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3650"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2177"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2162"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3640"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2170"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2175"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3649"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2167"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2182"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3642"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#275289"
},
{
"db": "VULHUB",
"id": "VHN-45489"
},
{
"db": "BID",
"id": "43205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-14T00:00:00",
"db": "CERT/CC",
"id": "VU#275289"
},
{
"date": "2010-09-15T00:00:00",
"db": "VULHUB",
"id": "VHN-45489"
},
{
"date": "2010-09-13T00:00:00",
"db": "BID",
"id": "43205"
},
{
"date": "2010-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"date": "2011-01-21T21:15:05",
"db": "PACKETSTORM",
"id": "97735"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"date": "2010-09-15T18:00:44.073000",
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-09-21T00:00:00",
"db": "CERT/CC",
"id": "VU#275289"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-45489"
},
{
"date": "2015-03-19T08:37:00",
"db": "BID",
"id": "43205"
},
{
"date": "2010-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002089"
},
{
"date": "2011-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201009-136"
},
{
"date": "2018-10-30T16:26:24.687000",
"db": "NVD",
"id": "CVE-2010-2884"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "97735"
},
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash unspecified code execution vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#275289"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201009-136"
}
],
"trust": 0.6
}
}
var-201011-0203
Vulnerability from variot
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. Adobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. This BID will be updated when the advisory is released. Adobe Reader and Acrobat 9.4 and earlier are vulnerable. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
For more information: SA41340 SA41435 SA42030 SA42095
SOLUTION: Update to version "app-text/acroread-9.4.1" or later. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta.
Join the beta: http://secunia.com/products/corporate/vim/
TITLE: Adobe Reader Unspecified Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA42095
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42095/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
RELEASE DATE: 2010-11-05
DISCUSS ADVISORY: http://secunia.com/advisories/42095/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42095/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an unspecified error when parsing PDF files and can be exploited to corrupt memory.
The vulnerability is confirmed in version 9.4.0.
SOLUTION: Do not open untrusted PDF files.
PROVIDED AND/OR DISCOVERED BY: scup
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
For more information: SA42030 SA42095
SOLUTION: Updated packages are available via Red Hat Network. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0203",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh unix"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows macintosh"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1 and earlier for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) for windows macintosh"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) and earlier for windows macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe",
"sources": [
{
"db": "BID",
"id": "44838"
}
],
"trust": 0.3
},
"cve": "CVE-2010-4091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-4091",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-46696",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-4091",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-4091",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-46696",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. \nAdobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. \nThis BID will be updated when the advisory is released. \nAdobe Reader and Acrobat 9.4 and earlier are vulnerable. \nSuccessful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\nFor more information:\nSA41340\nSA41435\nSA42030\nSA42095\n\nSOLUTION:\nUpdate to version \"app-text/acroread-9.4.1\" or later. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. \n\nJoin the beta: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader Unspecified Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42095\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42095/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nRELEASE DATE:\n2010-11-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42095/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42095/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader, which can be\nexploited by malicious people to potentially compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to an unspecified error when parsing\nPDF files and can be exploited to corrupt memory. \n\nThe vulnerability is confirmed in version 9.4.0. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nPROVIDED AND/OR DISCOVERED BY:\nscup\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA42030\nSA42095\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-46696",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15419",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4091",
"trust": 3.1
},
{
"db": "BID",
"id": "44638",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "42095",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2890",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "69005",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "15419",
"trust": 1.8
},
{
"db": "XF",
"id": "62996",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "42401",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2010-3111",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1024684",
"trust": 1.2
},
{
"db": "BID",
"id": "44838",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20101103 [0DAYZ] ACROBAT READER MEMORY CORRUPTION REMOTE ARBITRARY CODE EXECUTION",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-70134",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-46696",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"id": "VAR-201011-0203",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:53:56.748000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-28.html"
},
{
"title": "cpsid_88012",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/880/cpsid_88012.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2010:0934",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0934.html"
},
{
"title": "AdbeRdrUpd1001_Tier2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38291"
},
{
"title": "AcrobatUpd1001",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38218"
},
{
"title": "AcrobatUpd1001_Tier4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38222"
},
{
"title": "AcroProUpd826_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38275"
},
{
"title": "AdbeRdrUpd942_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38360"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/44638"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/42095"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"trust": 2.1,
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"trust": 2.0,
"url": "http://osvdb.org/69005"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 1.8,
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.5,
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/62996"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12527"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0934.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024684"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/42401"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100031.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/44838"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2010/nov/23"
},
{
"trust": 0.3,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/15419/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43025"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/#comments"
},
{
"trust": 0.1,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201101-08.xml"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/#comments"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42401"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0934.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/#comments"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2010-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2010-11-12T00:00:00",
"db": "BID",
"id": "44838"
},
{
"date": "2010-11-04T00:00:00",
"db": "BID",
"id": "44638"
},
{
"date": "2010-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2011-01-24T07:05:02",
"db": "PACKETSTORM",
"id": "97778"
},
{
"date": "2010-11-05T10:53:47",
"db": "PACKETSTORM",
"id": "95541"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-12-03T09:08:04",
"db": "PACKETSTORM",
"id": "96330"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2010-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"date": "2010-11-07T22:00:03.410000",
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "44838"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "44638"
},
{
"date": "2011-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2011-07-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of EScript.api Vulnerability to execute arbitrary code in plug-in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.6
}
}
var-201405-0217
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0217",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67370"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pedro Ribeiro from Agile Information Security, and Honglin Long.",
"sources": [
{
"db": "BID",
"id": "67370"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0526",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0526",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68019",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0526",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0526",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-251",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68019",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0526",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0526"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "BID",
"id": "67370"
},
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "VULMON",
"id": "CVE-2014-0526"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0526",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251",
"trust": 0.7
},
{
"db": "BID",
"id": "67370",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-68019",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0526",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"db": "BID",
"id": "67370"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"id": "VAR-201405-0217",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68019"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:35:06.042000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0526"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0526"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/67370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-fuzzer"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"db": "BID",
"id": "67370"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68019"
},
{
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"db": "BID",
"id": "67370"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68019"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67370"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"date": "2014-05-14T11:13:05.413000",
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68019"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0526"
},
{
"date": "2014-05-14T00:42:00",
"db": "BID",
"id": "67370"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002486"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-251"
},
{
"date": "2014-05-14T14:49:17.993000",
"db": "NVD",
"id": "CVE-2014-0526"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002486"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-251"
}
],
"trust": 0.6
}
}
var-201006-1247
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities. Attackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. This BID is being retired. The following individual records exist to better document the issues: 41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability 41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability 41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability 41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability 41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability 41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability 41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability 41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability 41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability 41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability 41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability 41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability 41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability 41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability 41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability. Adobe Reader's AcroForm.api has an uninitialized memory error when parsing JPEG graphics files. Users who are tricked into opening malformed PDF files may trigger out-of-bounds memory references, resulting in arbitrary code execution. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1247",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41238"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop of Secunia Research",
"sources": [
{
"db": "BID",
"id": "41238"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2205",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44810",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-483",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-44810",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. The following individual records exist to better document the issues:\n41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability\n41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability\n41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability\n41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability\n41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability\n41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability\n41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability\n41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability\n41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability\n41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability\n41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability\n41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability\n41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability\n41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability\n41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability. Adobe Reader\u0027s AcroForm.api has an uninitialized memory error when parsing JPEG graphics files. Users who are tricked into opening malformed PDF files may trigger out-of-bounds memory references, resulting in arbitrary code execution. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2205"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "BID",
"id": "41238"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2205",
"trust": 2.9
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 1.9
},
{
"db": "BID",
"id": "41238",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483",
"trust": 0.7
},
{
"db": "BID",
"id": "41130",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-44810",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "BID",
"id": "41238"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"id": "VAR-201006-1247",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44810"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T22:08:12.286000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7070"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2205"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/41238"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://secunia.com/secunia_research/2010-74/"
},
{
"trust": 0.3,
"url": "/archive/1/512093"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "BID",
"id": "41238"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44810"
},
{
"db": "BID",
"id": "41238"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44810"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41238"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"date": "2010-06-30T18:30:01.647000",
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44810"
},
{
"date": "2015-03-19T09:03:00",
"db": "BID",
"id": "41238"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001711"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-483"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-483"
}
],
"trust": 0.6
}
}
var-201004-0122
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0197 and CVE-2010-0201 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0204",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0204",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42809",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0204",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0204",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-257",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42809",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0197 and CVE-2010-0201 Is a different vulnerability.Denial of service by attacker (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0204"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0204",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39522",
"trust": 2.2
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "XF",
"id": "57711",
"trust": 1.4
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42809",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"id": "VAR-201004-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42809"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:05:04.432000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/39522"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/57711"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7387"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57711"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0204"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42809"
},
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42809"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39522"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"date": "2010-04-14T16:00:01.367000",
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42809"
},
{
"date": "2010-09-07T21:12:00",
"db": "BID",
"id": "39522"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001359"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-257"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001359"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39522"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201505-0415
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors. Adobe Reader and Acrobat are prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.11 Adobe Reader 10.x versions prior to 10.1.14 Adobe Acrobat 11.x versions prior to 11.0.11 Adobe Acrobat 10.x versions prior to 10.1.14. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0415",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "74603"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Xiaoning Li of Intel Labs and Haifei Li of McAfee Labs IPS Team.",
"sources": [
{
"db": "BID",
"id": "74603"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3048",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3048",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81009",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3048",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3048",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-161",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81009",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors. Adobe Reader and Acrobat are prone to a remote buffer-overflow vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.11\nAdobe Reader 10.x versions prior to 10.1.14\nAdobe Acrobat 11.x versions prior to 11.0.11\nAdobe Acrobat 10.x versions prior to 10.1.14. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3048"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "BID",
"id": "74603"
},
{
"db": "VULHUB",
"id": "VHN-81009"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3048",
"trust": 2.8
},
{
"db": "BID",
"id": "74603",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-81009",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81009"
},
{
"db": "BID",
"id": "74603"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"id": "VAR-201505-0415",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81009"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.996000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81009"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74603"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3048"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3048"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81009"
},
{
"db": "BID",
"id": "74603"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81009"
},
{
"db": "BID",
"id": "74603"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81009"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74603"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"date": "2015-05-13T10:59:44.980000",
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81009"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74603"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002626"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-161"
},
{
"date": "2017-01-05T20:09:36.993000",
"db": "NVD",
"id": "CVE-2015-3048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002626"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-161"
}
],
"trust": 0.6
}
}
var-201204-0111
Vulnerability from variot
The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Flash Player, Reader, Acrobat, and other products that include Flash support are affected. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: acroread security update Advisory ID: RHSA-2012:0469-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0469.html Issue date: 2012-04-10 CVE Names: CVE-2012-0774 CVE-2012-0775 CVE-2012-0777 =====================================================================
- Summary:
Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
Adobe Reader allows users to view and print documents in Portable Document Format (PDF). These flaws are detailed on the Adobe security page APSB12-08, listed in the References section. Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
810397 - CVE-2012-0774 CVE-2012-0775 CVE-2012-0777 acroread: multiple unspecified flaws (APSB12-08)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: acroread-9.5.1-1.el5.i386.rpm acroread-plugin-9.5.1-1.el5.i386.rpm
x86_64: acroread-9.5.1-1.el5.i386.rpm acroread-plugin-9.5.1-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: acroread-9.5.1-1.el5.i386.rpm acroread-plugin-9.5.1-1.el5.i386.rpm
x86_64: acroread-9.5.1-1.el5.i386.rpm acroread-plugin-9.5.1-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
x86_64: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
x86_64: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
x86_64: acroread-9.5.1-1.el6_2.i686.rpm acroread-plugin-9.5.1-1.el6_2.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-0774.html https://www.redhat.com/security/data/cve/CVE-2012-0775.html https://www.redhat.com/security/data/cve/CVE-2012-0777.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Red Hat update for acroread
SECUNIA ADVISORY ID: SA48756
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48756/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48756
RELEASE DATE: 2012-04-11
DISCUSS ADVISORY: http://secunia.com/advisories/48756/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48756/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48756
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Red Hat has issued an update for acroread. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Awareness System
Technical Cyber Security Alert TA12-101B
Adobe Reader and Acrobat Security Updates and Architectural Improvements
Original release date: April 10, 2012 Last revised: -- Source: US-CERT
Systems Affected
- Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh
- Adobe Reader 9.5 and earlier 9.x versions for Windows, Macintosh, and UNIX
- Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh
- Adobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh
Overview
Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. In addition, Reader and Acrobat now disable the rendering of 3D content by default. These vulnerabilities affect Adobe Reader and Acrobat versions 9.x through 9.5, and Reader X and Acrobat X versions prior to 10.1.3.
The Adobe ASSET blog provides additional details on new security architecture changes to Adobe Reader and Acrobat. This change helps limit the number of out-of-date, vulnerable Flash runtimes available to an attacker. Adobe Reader and Acrobat 9.5.1 also now disable rendering of 3D content by default because the 3D rendering components have a history of vulnerabilities.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. This can happen automatically as the result of viewing a webpage.
Solution
Update Reader
Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB12-08 and update vulnerable versions of Adobe Reader and Acrobat.
In addition to updating, please consider the following mitigations.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript may prevent some exploits from resulting in code execution. You can disable Acrobat JavaScript using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF files
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF files in the web browser
Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. Applying this workaround may also mitigate future vulnerabilities.
To prevent PDF files from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF files from untrusted sources
Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010. Please send email to cert@cert.org with "TA12-101B Feedback VU#124663" in the subject.
Produced by US-CERT, a government organization.
This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify
This document can also be found at http://www.us-cert.gov/cas/techalerts/TA12-101B.html
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBT4St0z/GkGVXE7GMAQK56gf+N4gfsTH8ssv6GzNqliZtpkgx5MI/Vo71 bx/DERpK2AtQaNk3genyZ1vShMjfKUk7GmVQCeDvcTxhc+yNSSi3hSGyX7FQbl9E 6p9mMLRD9OwJ63xq3fGmydNsgQnUTsjjRxkxC1DdojtlJL3HRsYYBXxguKQaPI1p UiPoMDu5W7LJ/9f+zrMbc4Hf15366YY7XGMmFL68OpwbxOT3aRrfLC/v6FErqHli UUg79tEm8FpemBrIzusqePviNYkci2M3K5fByp9opGrttPhTZAL8ddYJKfCSm+Xg lFs5dAwD0SCI3SQxG5B8RhGgLLCz87O+ifE1Q2UjFAvB6XWQifYDwA== =5dGp -----END PGP SIGNATURE----- . The Adobe Flash browser plugin is available for multiple web browsers and operating systems, any of which could be affected.
This vulnerability is being actively exploited.
II.
III. Solution
These vulnerabilities can be mitigated by disabling the Flash plugin or by using the NoScript extension for Mozilla Firefox or SeaMonkey to whitelist websites that can access the Flash plugin. For more information about securely configuring web browsers, please see the Securing Your Web Browser document. US-CERT Vulnerability Note VU#259425 has additional details, as well as information about mitigating the PDF document attack vector.
Thanks to Department of Defense Cyber Crime Center/DCISE for information used in this document.
IV.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
SOLUTION: Do not browse untrusted websites or follow untrusted links.
Updates will reportedly be available for Windows, Macintosh, and Linux versions by July 30.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa09-03.html
OTHER REFERENCES: US-CERT VU#259425: http://www.kb.cert.org/vuls/id/259425
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-14
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: June 22, 2012 Bugs: #405949, #411499 ID: 201206-14
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.1 >= 9.5.1
Description
Multiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause memory corruption.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.1"
References
[ 1 ] CVE-2011-4370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370 [ 2 ] CVE-2011-4371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371 [ 3 ] CVE-2011-4372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372 [ 4 ] CVE-2011-4373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373 [ 5 ] CVE-2012-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774 [ 6 ] CVE-2012-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775 [ 7 ] CVE-2012-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776 [ 8 ] CVE-2012-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-14.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0111",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.2) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.6 9.x (linux)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.2) 10.x (windows and macintosh)"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "BID",
"id": "52950"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Quirk, Los Alamos",
"sources": [
{
"db": "BID",
"id": "52950"
}
],
"trust": 0.3
},
"cve": "CVE-2012-0777",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2012-0777",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-0777",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-54058",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-0777",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#259425",
"trust": 0.8,
"value": "35.34"
},
{
"author": "NVD",
"id": "CVE-2012-0777",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-134",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-54058",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Flash Player, Reader, Acrobat, and other products that include Flash support are affected. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: acroread security update\nAdvisory ID: RHSA-2012:0469-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0469.html\nIssue date: 2012-04-10\nCVE Names: CVE-2012-0774 CVE-2012-0775 CVE-2012-0777 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). These flaws are\ndetailed on the Adobe security page APSB12-08, listed in the References\nsection. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n810397 - CVE-2012-0774 CVE-2012-0775 CVE-2012-0777 acroread: multiple unspecified flaws (APSB12-08)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.5.1-1.el5.i386.rpm\nacroread-plugin-9.5.1-1.el5.i386.rpm\n\nx86_64:\nacroread-9.5.1-1.el5.i386.rpm\nacroread-plugin-9.5.1-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.5.1-1.el5.i386.rpm\nacroread-plugin-9.5.1-1.el5.i386.rpm\n\nx86_64:\nacroread-9.5.1-1.el5.i386.rpm\nacroread-plugin-9.5.1-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nx86_64:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nx86_64:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nx86_64:\nacroread-9.5.1-1.el6_2.i686.rpm\nacroread-plugin-9.5.1-1.el6_2.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-0774.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0775.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0777.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for acroread\n\nSECUNIA ADVISORY ID:\nSA48756\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48756/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48756\n\nRELEASE DATE:\n2012-04-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48756/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48756/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48756\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for acroread. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Awareness System\n\n Technical Cyber Security Alert TA12-101B\n\n\nAdobe Reader and Acrobat Security Updates and Architectural Improvements\n\n Original release date: April 10, 2012\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh\n * Adobe Reader 9.5 and earlier 9.x versions for Windows, Macintosh, and UNIX\n * Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh\n * Adobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh\n\n\nOverview\n\n Adobe has released Security Bulletin APSB12-08, which describes\n multiple vulnerabilities affecting Adobe Reader and Acrobat. In addition, Reader and Acrobat now disable the\n rendering of 3D content by default. These\n vulnerabilities affect Adobe Reader and Acrobat versions 9.x\n through 9.5, and Reader X and Acrobat X versions prior to 10.1.3. \n\n The Adobe ASSET blog provides additional details on new security\n architecture changes to Adobe Reader and Acrobat. This change helps limit\n the number of out-of-date, vulnerable Flash runtimes available to\n an attacker. Adobe Reader and Acrobat 9.5.1 also now disable\n rendering of 3D content by default because the 3D rendering\n components have a history of vulnerabilities. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. This can happen\n automatically as the result of viewing a webpage. \n\n\nSolution\n\n Update Reader\n\n Adobe has released updates to address this issue. Users are\n encouraged to read Adobe Security Bulletin APSB12-08 and update\n vulnerable versions of Adobe Reader and Acrobat. \n\n In addition to updating, please consider the following mitigations. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript may prevent some exploits from resulting in\n code execution. You can disable Acrobat JavaScript using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this framework may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF files\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF files in the web browser\n\n Preventing PDF files from opening inside a web browser will\n partially mitigate this vulnerability. Applying this workaround may\n also mitigate future vulnerabilities. \n\n To prevent PDF files from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF files from untrusted sources\n\n Do not open unfamiliar or unexpected PDF files, particularly those\n hosted on websites or delivered as email attachments. Please see\n Cyber Security Tip ST04-010. Please send\n email to \u003ccert@cert.org\u003e with \"TA12-101B Feedback VU#124663\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. \n ____________________________________________________________________\n\nThis product is provided subject to the Notification as indicated here: \nhttp://www.us-cert.gov/legal.html#notify\n\nThis document can also be found at\nhttp://www.us-cert.gov/cas/techalerts/TA12-101B.html\n\nFor instructions on subscribing to or unsubscribing from this \nmailing list, visit http://www.us-cert.gov/cas/signup.html\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBT4St0z/GkGVXE7GMAQK56gf+N4gfsTH8ssv6GzNqliZtpkgx5MI/Vo71\nbx/DERpK2AtQaNk3genyZ1vShMjfKUk7GmVQCeDvcTxhc+yNSSi3hSGyX7FQbl9E\n6p9mMLRD9OwJ63xq3fGmydNsgQnUTsjjRxkxC1DdojtlJL3HRsYYBXxguKQaPI1p\nUiPoMDu5W7LJ/9f+zrMbc4Hf15366YY7XGMmFL68OpwbxOT3aRrfLC/v6FErqHli\nUUg79tEm8FpemBrIzusqePviNYkci2M3K5fByp9opGrttPhTZAL8ddYJKfCSm+Xg\nlFs5dAwD0SCI3SQxG5B8RhGgLLCz87O+ifE1Q2UjFAvB6XWQifYDwA==\n=5dGp\n-----END PGP SIGNATURE-----\n. The\n Adobe Flash browser plugin is available for multiple web browsers\n and operating systems, any of which could be affected. \n \n This vulnerability is being actively exploited. \n\n\nII. \n\n\nIII. Solution\n\n These vulnerabilities can be mitigated by disabling the Flash\n plugin or by using the NoScript extension for Mozilla Firefox or\n SeaMonkey to whitelist websites that can access the Flash plugin. \n For more information about securely configuring web browsers,\n please see the Securing Your Web Browser document. US-CERT\n Vulnerability Note VU#259425 has additional details, as well as\n information about mitigating the PDF document attack vector. \n \n Thanks to Department of Defense Cyber Crime Center/DCISE for\n information used in this document. \n\n\nIV. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nSOLUTION:\nDo not browse untrusted websites or follow untrusted links. \n\nUpdates will reportedly be available for Windows, Macintosh, and\nLinux versions by July 30. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa09-03.html\n\nOTHER REFERENCES:\nUS-CERT VU#259425:\nhttp://www.kb.cert.org/vuls/id/259425\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: June 22, 2012\n Bugs: #405949, #411499\n ID: 201206-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.1 \u003e= 9.5.1\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in Adobe Reader, including an\ninteger overflow in TrueType Font handling (CVE-2012-0774) and multiple\nunspecified errors which could cause memory corruption. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-4370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370\n[ 2 ] CVE-2011-4371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371\n[ 3 ] CVE-2011-4372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372\n[ 4 ] CVE-2011-4373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373\n[ 5 ] CVE-2012-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774\n[ 6 ] CVE-2012-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775\n[ 7 ] CVE-2012-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776\n[ 8 ] CVE-2012-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-14.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0777"
},
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "BID",
"id": "52950"
},
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "PACKETSTORM",
"id": "111733"
},
{
"db": "PACKETSTORM",
"id": "111768"
},
{
"db": "PACKETSTORM",
"id": "111760"
},
{
"db": "PACKETSTORM",
"id": "111927"
},
{
"db": "PACKETSTORM",
"id": "79569"
},
{
"db": "PACKETSTORM",
"id": "79567"
},
{
"db": "PACKETSTORM",
"id": "114069"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0777",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA12-101B",
"trust": 2.6
},
{
"db": "BID",
"id": "52950",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "48846",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "48756",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1026908",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#259425",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "35948",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-60038",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-54058",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111768",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111760",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111927",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA09-204A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "79569",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "79567",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114069",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "BID",
"id": "52950"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "PACKETSTORM",
"id": "111733"
},
{
"db": "PACKETSTORM",
"id": "111768"
},
{
"db": "PACKETSTORM",
"id": "111760"
},
{
"db": "PACKETSTORM",
"id": "111927"
},
{
"db": "PACKETSTORM",
"id": "79569"
},
{
"db": "PACKETSTORM",
"id": "79567"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"id": "VAR-201204-0111",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54058"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T20:55:41.664000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-08",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-08.html"
},
{
"title": "APSB12-08 (cpsid_93413)",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/934/cpsid_93413.html"
},
{
"title": "APSB12-08",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-08.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120412.html"
},
{
"title": "AdbeRdrUpd951_all_incr",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42860"
},
{
"title": "AcrobatUpd951_all_incr",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42868"
},
{
"title": "AdbeRdrUpd1013",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42859"
},
{
"title": "AcrobatUpd1013",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42867"
},
{
"title": "AdbeRdrUpd951_all_i386",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42862"
},
{
"title": "AcroProUpd951_all",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42870"
},
{
"title": "AdbeRdrUpd1013",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42861"
},
{
"title": "AcrobatUpd1013",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42869"
},
{
"title": "AdbeRdr9.5.1-1_i486linux_enu",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42864"
},
{
"title": "AdbeRdr9.5.1-1_i486linux_enu",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42863"
},
{
"title": "AdbeRdr9.5.1-1_i486linux_enu",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42866"
},
{
"title": "AdbeRdr9.5.1-1_i386linux_enu",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=42865"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta12-101b.html"
},
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-08.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2012-0469.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/52950"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1026908"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48756"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48846"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74735"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/advisories/apsa09-03.html"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb09-10.html"
},
{
"trust": 0.8,
"url": "http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html"
},
{
"trust": 0.8,
"url": "http://blogs.adobe.com/psirt/2009/07/update_on_adobe_reader_acrobat.html"
},
{
"trust": 0.8,
"url": "http://bugs.adobe.com/jira/browse/fp-1265"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/141/tn_14157.html"
},
{
"trust": 0.8,
"url": "http://blog.fireeye.com/research/2009/07/actionscript_heap_spray.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0777"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120013.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta12-101b/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0777"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0777"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0775"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0774"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/259425\u003e"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0777.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0775.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0774.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48756/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48756/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48756"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/asset/2012/04/background-on-security-bulletin-apsb12-08.html\u003e"
},
{
"trust": 0.1,
"url": "https://www.adobe.com/support/security/bulletins/apsb11-30.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html#notify"
},
{
"trust": 0.1,
"url": "http://get.adobe.com/flashplayer/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/bypublished?searchview\u0026amp;query=rt3d.dll\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48846/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48846/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48846"
},
{
"trust": 0.1,
"url": "https://addons.mozilla.org/addon/722\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta09-204a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa09-03.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35948/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/259425"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4370"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0775"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4371"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0774"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201206-14.xml"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4372"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4370"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4372"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4373"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "BID",
"id": "52950"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "PACKETSTORM",
"id": "111733"
},
{
"db": "PACKETSTORM",
"id": "111768"
},
{
"db": "PACKETSTORM",
"id": "111760"
},
{
"db": "PACKETSTORM",
"id": "111927"
},
{
"db": "PACKETSTORM",
"id": "79569"
},
{
"db": "PACKETSTORM",
"id": "79567"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#259425"
},
{
"db": "VULHUB",
"id": "VHN-54058"
},
{
"db": "BID",
"id": "52950"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"db": "PACKETSTORM",
"id": "111733"
},
{
"db": "PACKETSTORM",
"id": "111768"
},
{
"db": "PACKETSTORM",
"id": "111760"
},
{
"db": "PACKETSTORM",
"id": "111927"
},
{
"db": "PACKETSTORM",
"id": "79569"
},
{
"db": "PACKETSTORM",
"id": "79567"
},
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#259425"
},
{
"date": "2012-04-10T00:00:00",
"db": "VULHUB",
"id": "VHN-54058"
},
{
"date": "2012-04-10T00:00:00",
"db": "BID",
"id": "52950"
},
{
"date": "2012-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"date": "2012-04-11T14:18:39",
"db": "PACKETSTORM",
"id": "111733"
},
{
"date": "2012-04-11T07:09:51",
"db": "PACKETSTORM",
"id": "111768"
},
{
"date": "2012-04-11T15:20:24",
"db": "PACKETSTORM",
"id": "111760"
},
{
"date": "2012-04-17T11:24:12",
"db": "PACKETSTORM",
"id": "111927"
},
{
"date": "2009-07-23T22:33:27",
"db": "PACKETSTORM",
"id": "79569"
},
{
"date": "2009-07-23T14:30:39",
"db": "PACKETSTORM",
"id": "79567"
},
{
"date": "2012-06-22T20:23:37",
"db": "PACKETSTORM",
"id": "114069"
},
{
"date": "2012-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"date": "2012-04-10T23:55:01.137000",
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-07T00:00:00",
"db": "CERT/CC",
"id": "VU#259425"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-54058"
},
{
"date": "2013-06-20T09:41:00",
"db": "BID",
"id": "52950"
},
{
"date": "2012-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002042"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-134"
},
{
"date": "2022-12-14T19:04:22.233000",
"db": "NVD",
"id": "CVE-2012-0777"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "114069"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash vulnerability affects Flash Player and other Adobe products",
"sources": [
{
"db": "CERT/CC",
"id": "VU#259425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-134"
}
],
"trust": 0.6
}
}
var-201409-0437
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS).". Adobe Acrobat and Reader are prone to an unspecified cross-site scripting. An attacker may leverage this issue to execute arbitrary script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 11.0.08 and earlier and 10.1.11 and earlier for Windows, Adobe Reader 11.0.07 and earlier for OS X and 10.1.10 and earlier for Windows Adobe Acrobat 11.0.08 and earlier versions and 10.1.11 and earlier versions on the platform, and Adobe Acrobat 11.0.07 and earlier versions and 10.1.10 and earlier versions on the OS X platform
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0437",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (macintosh)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Frans Rosen of Detectify",
"sources": [
{
"db": "BID",
"id": "69822"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0562",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-68055",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0562",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-0562",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-581",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-68055",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68055"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\". Adobe Acrobat and Reader are prone to an unspecified cross-site scripting. \nAn attacker may leverage this issue to execute arbitrary script code in an unsuspecting user\u0027s browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 11.0.08 and earlier and 10.1.11 and earlier for Windows, Adobe Reader 11.0.07 and earlier for OS X and 10.1.10 and earlier for Windows Adobe Acrobat 11.0.08 and earlier versions and 10.1.11 and earlier versions on the platform, and Adobe Acrobat 11.0.07 and earlier versions and 10.1.10 and earlier versions on the OS X platform",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0562"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "BID",
"id": "69822"
},
{
"db": "VULHUB",
"id": "VHN-68055"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0562",
"trust": 2.8
},
{
"db": "BID",
"id": "69822",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68055",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68055"
},
{
"db": "BID",
"id": "69822"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"id": "VAR-201409-0437",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68055"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:52.968000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68055"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69822"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95997"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0562"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0562"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68055"
},
{
"db": "BID",
"id": "69822"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68055"
},
{
"db": "BID",
"id": "69822"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68055"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69822"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"date": "2014-09-17T10:55:06.683000",
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68055"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69822"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004241"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-581"
},
{
"date": "2017-08-29T01:34:12.530000",
"db": "NVD",
"id": "CVE-2014-0562"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mac OS X Run on Adobe Reader and Acrobat Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004241"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-581"
}
],
"trust": 0.6
}
}
var-201510-0096
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PDF information by launching a print job on a remote printer, a different vulnerability than CVE-2015-6705, CVE-2015-6706, and CVE-2015-7624. This vulnerability CVE-2015-6705 , CVE-2015-6706 ,and CVE-2015-7624 Is a different vulnerability.An attacker can run a print job on a remote printer, bypassing sandbox restrictions and PDF Information may be obtained. This vulnerability allows local attackers to disclose arbitrary PDF files on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Acrobat Reader printing. Adobe Reader and Acrobat are prone to multiple unspecified security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, which may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0096",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
}
],
"trust": 0.7
},
"cve": "CVE-2015-5583",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-5583",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-83544",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5583",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-5583",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-5583",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-194",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-83544",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "VULHUB",
"id": "VHN-83544"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PDF information by launching a print job on a remote printer, a different vulnerability than CVE-2015-6705, CVE-2015-6706, and CVE-2015-7624. This vulnerability CVE-2015-6705 , CVE-2015-6706 ,and CVE-2015-7624 Is a different vulnerability.An attacker can run a print job on a remote printer, bypassing sandbox restrictions and PDF Information may be obtained. This vulnerability allows local attackers to disclose arbitrary PDF files on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within Acrobat Reader printing. Adobe Reader and Acrobat are prone to multiple unspecified security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, which may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5583"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "VULHUB",
"id": "VHN-83544"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5583",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-468",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2893",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194",
"trust": 0.7
},
{
"db": "BID",
"id": "77070",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-83544",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "VULHUB",
"id": "VHN-83544"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"id": "VAR-201510-0096",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83544"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.109000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58043"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83544"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-468"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5583"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5583"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "VULHUB",
"id": "VHN-83544"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"db": "VULHUB",
"id": "VHN-83544"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-83544"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"date": "2015-10-14T23:59:01.717000",
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-468"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-83544"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005238"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-194"
},
{
"date": "2021-09-08T17:19:31.387000",
"db": "NVD",
"id": "CVE-2015-5583"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to bypassing sandbox restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005238"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-194"
}
],
"trust": 0.6
}
}
var-201405-0213
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: Adobe Reader 11.x versions prior to 11.0.07 Adobe Reader 10.x versions prior to 10.1.10 Adobe Acrobat 11.x versions prior to 11.0.07 Adobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.07)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "67360"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University",
"sources": [
{
"db": "BID",
"id": "67360"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0522",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0522",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68015",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0522",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0522",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-247",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68015",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0522",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 11.x versions prior to 11.0.07\nAdobe Reader 10.x versions prior to 10.1.10\nAdobe Acrobat 11.x versions prior to 11.0.07\nAdobe Acrobat 10.x versions prior to 10.1.10. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0522"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "BID",
"id": "67360"
},
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "VULMON",
"id": "CVE-2014-0522"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0522",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247",
"trust": 0.7
},
{
"db": "BID",
"id": "67360",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-68015",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0522",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"db": "BID",
"id": "67360"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"id": "VAR-201405-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68015"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:19:10.354000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"title": "APSB14-15",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-15.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140515.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0522"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140514-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0522"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=13798"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"db": "BID",
"id": "67360"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68015"
},
{
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"db": "BID",
"id": "67360"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68015"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67360"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"date": "2014-05-14T11:13:05.130000",
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-68015"
},
{
"date": "2014-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0522"
},
{
"date": "2014-05-13T00:00:00",
"db": "BID",
"id": "67360"
},
{
"date": "2014-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002482"
},
{
"date": "2014-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-247"
},
{
"date": "2014-05-14T13:29:43.443000",
"db": "NVD",
"id": "CVE-2014-0522"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002482"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-247"
}
],
"trust": 0.6
}
}
var-201510-0341
Vulnerability from variot
The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForApproval method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForApproval method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0341",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6724",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6724",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6724",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84685",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6724",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6724",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6724",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-237",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84685",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "VULHUB",
"id": "VHN-84685"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForApproval method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForApproval method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84685"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6724",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-495",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3079",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84685",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "VULHUB",
"id": "VHN-84685"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"id": "VAR-201510-0341",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84685"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:31.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58086"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84685"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-495"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6724"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6724"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "VULHUB",
"id": "VHN-84685"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"db": "VULHUB",
"id": "VHN-84685"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84685"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"date": "2015-10-14T23:59:45.870000",
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-495"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84685"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005281"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-237"
},
{
"date": "2021-09-08T17:19:32.433000",
"db": "NVD",
"id": "CVE-2015-6724"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForApproval In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005281"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-237"
}
],
"trust": 0.6
}
}
var-201601-0604
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Global object. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program's improper handling of Global objects
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0604",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.13"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HPE Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0943",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0943",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88453",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-0943",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0943",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-0943",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-0943",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-243",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-88453",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "VULHUB",
"id": "VHN-88453"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the Global object. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program\u0027s improper handling of Global objects",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0943"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "BID",
"id": "80360"
},
{
"db": "VULHUB",
"id": "VHN-88453"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0943",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-012",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3362",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243",
"trust": 0.7
},
{
"db": "BID",
"id": "80360",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-88453",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "VULHUB",
"id": "VHN-88453"
},
{
"db": "BID",
"id": "80360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"id": "VAR-201601-0604",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88453"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.997000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59590"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88453"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.7,
"url": "http://zerodayinitiative.com/advisories/zdi-16-012"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0943"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0943"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "VULHUB",
"id": "VHN-88453"
},
{
"db": "BID",
"id": "80360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"db": "VULHUB",
"id": "VHN-88453"
},
{
"db": "BID",
"id": "80360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88453"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80360"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"date": "2016-01-14T05:59:11.953000",
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-16-012"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88453"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80360"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001045"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-243"
},
{
"date": "2016-12-07T23:42:36.510000",
"db": "NVD",
"id": "CVE-2016-0943"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In Javascript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001045"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-243"
}
],
"trust": 0.6
}
}
var-201510-0364
Vulnerability from variot
The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted arguments, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the signatureSetSeedValue method. Specially crafted arguments passed to signatureSetSeedValue can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the signatureSetSeedValue method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6693",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6693",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6693",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84654",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6693",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6693",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6693",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-206",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84654",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "VULHUB",
"id": "VHN-84654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted arguments, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the signatureSetSeedValue method. Specially crafted arguments passed to signatureSetSeedValue can force a dangling pointer to be reused after it has been freed. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the signatureSetSeedValue method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6693"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-84654"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6693",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3017",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84654",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "VULHUB",
"id": "VHN-84654"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"id": "VAR-201510-0364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84654"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.127000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58055"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84654"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6693"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6693"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "VULHUB",
"id": "VHN-84654"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"db": "VULHUB",
"id": "VHN-84654"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84654"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"date": "2015-10-14T23:59:15.050000",
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-473"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84654"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005250"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-206"
},
{
"date": "2021-09-08T17:19:31.690000",
"db": "NVD",
"id": "CVE-2015-6693"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of signatureSetSeedValue Vulnerability in arbitrary code execution in method",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005250"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-206"
}
],
"trust": 0.6
}
}
var-201510-0040
Vulnerability from variot
Use-after-free vulnerability in a SaveAs feature in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDF documents with media content. When trying to save a specially crafted PDF document, a dangling pointer can be forced to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the SaveAs function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0040",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7615",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7615",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7615",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85576",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7615",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7615",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7615",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-240",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85576",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "VULHUB",
"id": "VHN-85576"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in a SaveAs feature in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of PDF documents with media content. When trying to save a specially crafted PDF document, a dangling pointer can be forced to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in the SaveAs function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7615"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-85576"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7615",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3069",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85576",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "VULHUB",
"id": "VHN-85576"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"id": "VAR-201510-0040",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85576"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.834000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58089"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85576"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7615"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7615"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "VULHUB",
"id": "VHN-85576"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"db": "VULHUB",
"id": "VHN-85576"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85576"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"date": "2015-10-14T23:59:48.963000",
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-493"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-85576"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005294"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-240"
},
{
"date": "2021-09-08T17:19:32.493000",
"db": "NVD",
"id": "CVE-2015-7615"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of SaveAs Vulnerability to execute arbitrary code in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-240"
}
],
"trust": 0.6
}
}
var-201208-0442
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0442",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55015"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55015"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4154",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4154",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57435",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4154",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4154",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-253",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57435",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4154"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "BID",
"id": "55015"
},
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4154",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20340",
"trust": 0.6
},
{
"db": "BID",
"id": "55015",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57435",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "BID",
"id": "55015"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"id": "VAR-201208-0442",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57435"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:07:26.700000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15479"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4154"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4154"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20340"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "BID",
"id": "55015"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57435"
},
{
"db": "BID",
"id": "55015"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57435"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55015"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"date": "2012-08-15T10:31:41.477000",
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57435"
},
{
"date": "2013-08-26T00:16:00",
"db": "BID",
"id": "55015"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003642"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-253"
},
{
"date": "2017-09-19T01:35:16.933000",
"db": "NVD",
"id": "CVE-2012-4154"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003642"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-253"
}
],
"trust": 0.6
}
}
var-201505-0290
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3070, and CVE-2015-3076. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Doc objects. The issue lies in the failure to properly initialize a variable prior to using it, leading to memory corruption. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0290",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3057",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3057",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3057",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81018",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3057",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3057",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3057",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-170",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81018",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "VULHUB",
"id": "VHN-81018"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3070, and CVE-2015-3076. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of Doc objects. The issue lies in the failure to properly initialize a variable prior to using it, leading to memory corruption. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3057"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81018"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3057",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-210",
"trust": 1.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2713",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81018",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "VULHUB",
"id": "VHN-81018"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"id": "VAR-201505-0290",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81018"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.117000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81018"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-210"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3057"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3057"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "VULHUB",
"id": "VHN-81018"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"db": "VULHUB",
"id": "VHN-81018"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81018"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"date": "2015-05-13T10:59:52.903000",
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-210"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81018"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002635"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-170"
},
{
"date": "2017-01-03T19:46:38.063000",
"db": "NVD",
"id": "CVE-2015-3057"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002635"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-170"
}
],
"trust": 0.6
}
}
var-201505-0297
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within WDAnnotEnumerator. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3071",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3071",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3071",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81032",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3071",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3071",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3071",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-184",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81032",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "VULHUB",
"id": "VHN-81032"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within WDAnnotEnumerator. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3071"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81032"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3071",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-195",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2663",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81032",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "VULHUB",
"id": "VHN-81032"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"id": "VAR-201505-0297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81032"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.782000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81032"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-195"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3071"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3071"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "VULHUB",
"id": "VHN-81032"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"db": "VULHUB",
"id": "VHN-81032"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81032"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"date": "2015-05-13T11:00:05.530000",
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-195"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81032"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002649"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-184"
},
{
"date": "2017-01-05T20:14:46.037000",
"db": "NVD",
"id": "CVE-2015-3071"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-184"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002649"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201208-0432
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201308-03
http://security.gentoo.org/
Severity: High Title: Adobe Reader: Multiple vulnerabilities Date: August 22, 2013 Bugs: #431732, #451058, #469960 ID: 201308-03
Synopsis
Multiple vulnerabilities have been found in Adobe Reader, including potential remote execution of arbitrary code and local privilege escalation.
Background
Adobe Reader is a closed-source PDF reader.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.5 >= 9.5.5
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details. A local attacker could gain privileges via unspecified vectors.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.5"
References
[ 1 ] CVE-2012-1525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525 [ 2 ] CVE-2012-1530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530 [ 3 ] CVE-2012-2049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049 [ 4 ] CVE-2012-2050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050 [ 5 ] CVE-2012-2051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051 [ 6 ] CVE-2012-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147 [ 7 ] CVE-2012-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748 [ 8 ] CVE-2012-4149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149 [ 9 ] CVE-2012-4150 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150 [ 10 ] CVE-2012-4151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151 [ 11 ] CVE-2012-4152 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152 [ 12 ] CVE-2012-4153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153 [ 13 ] CVE-2012-4154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154 [ 14 ] CVE-2012-4155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155 [ 15 ] CVE-2012-4156 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156 [ 16 ] CVE-2012-4157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157 [ 17 ] CVE-2012-4158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158 [ 18 ] CVE-2012-4159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159 [ 19 ] CVE-2012-4160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160 [ 20 ] CVE-2012-4363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363 [ 21 ] CVE-2013-0601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601 [ 22 ] CVE-2013-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602 [ 23 ] CVE-2013-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603 [ 24 ] CVE-2013-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604 [ 25 ] CVE-2013-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605 [ 26 ] CVE-2013-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606 [ 27 ] CVE-2013-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607 [ 28 ] CVE-2013-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608 [ 29 ] CVE-2013-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609 [ 30 ] CVE-2013-0610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610 [ 31 ] CVE-2013-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611 [ 32 ] CVE-2013-0612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612 [ 33 ] CVE-2013-0613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613 [ 34 ] CVE-2013-0614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614 [ 35 ] CVE-2013-0615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615 [ 36 ] CVE-2013-0616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616 [ 37 ] CVE-2013-0617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617 [ 38 ] CVE-2013-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618 [ 39 ] CVE-2013-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619 [ 40 ] CVE-2013-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620 [ 41 ] CVE-2013-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621 [ 42 ] CVE-2013-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622 [ 43 ] CVE-2013-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623 [ 44 ] CVE-2013-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624 [ 45 ] CVE-2013-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626 [ 46 ] CVE-2013-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627 [ 47 ] CVE-2013-0640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640 [ 48 ] CVE-2013-0641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641 [ 49 ] CVE-2013-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549 [ 50 ] CVE-2013-2550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550 [ 51 ] CVE-2013-2718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718 [ 52 ] CVE-2013-2719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719 [ 53 ] CVE-2013-2720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720 [ 54 ] CVE-2013-2721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721 [ 55 ] CVE-2013-2722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722 [ 56 ] CVE-2013-2723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723 [ 57 ] CVE-2013-2724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724 [ 58 ] CVE-2013-2725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725 [ 59 ] CVE-2013-2726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726 [ 60 ] CVE-2013-2727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727 [ 61 ] CVE-2013-2729 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729 [ 62 ] CVE-2013-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730 [ 63 ] CVE-2013-2731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731 [ 64 ] CVE-2013-2732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732 [ 65 ] CVE-2013-2733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733 [ 66 ] CVE-2013-2734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734 [ 67 ] CVE-2013-2735 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735 [ 68 ] CVE-2013-2736 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736 [ 69 ] CVE-2013-2737 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737 [ 70 ] CVE-2013-3337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337 [ 71 ] CVE-2013-3338 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338 [ 72 ] CVE-2013-3339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339 [ 73 ] CVE-2013-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340 [ 74 ] CVE-2013-3341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341 [ 75 ] CVE-2013-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201308-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50281
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
RELEASE DATE: 2012-08-14
DISCUSS ADVISORY: http://secunia.com/advisories/50281/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50281/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50281
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a stack-based buffer overflow.
2) An unspecified error can be exploited to cause a buffer overflow.
3) An unspecified error can be exploited to corrupt memory.
4) Another unspecified error can be exploited to corrupt memory.
5) Another unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to cause a heap-based buffer overflow.
7) Multiple unspecified errors can be exploited to corrupt memory.
8) Two unspecified errors can be exploited to corrupt memory.
Note: Vulnerability #8 affects the Macintosh platform only.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Pavel Polischouk, TELUS Security Labs 2) An anonymous person via Beyond Security 3) Mateusz Jurczyk, Google Security Team 4, 8) James Quirk 5) John Leitch, Microsoft 6) Nicolas Gr\xe9goire via iDefense 7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team
ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-16.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.5.1 9.x (windows and macintosh)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.3) 10.x (windows and macintosh)"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "55010"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind, of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "55010"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4151",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2012-4151",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57432",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4151",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-4151",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57432",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-4151",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201308-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Adobe Reader: Multiple vulnerabilities\n Date: August 22, 2013\n Bugs: #431732, #451058, #469960\n ID: 201308-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Reader, including\npotential remote execution of arbitrary code and local privilege\nescalation. \n\nBackground\n==========\n\nAdobe Reader is a closed-source PDF reader. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.5.5 \u003e= 9.5.5\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. A local attacker could gain privileges via\nunspecified vectors. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.5.5\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-1525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1525\n[ 2 ] CVE-2012-1530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1530\n[ 3 ] CVE-2012-2049\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2049\n[ 4 ] CVE-2012-2050\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2050\n[ 5 ] CVE-2012-2051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2051\n[ 6 ] CVE-2012-4147\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4147\n[ 7 ] CVE-2012-4148\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4748\n[ 8 ] CVE-2012-4149\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4149\n[ 9 ] CVE-2012-4150\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4150\n[ 10 ] CVE-2012-4151\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4151\n[ 11 ] CVE-2012-4152\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4152\n[ 12 ] CVE-2012-4153\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4153\n[ 13 ] CVE-2012-4154\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4154\n[ 14 ] CVE-2012-4155\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4155\n[ 15 ] CVE-2012-4156\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4156\n[ 16 ] CVE-2012-4157\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4157\n[ 17 ] CVE-2012-4158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4158\n[ 18 ] CVE-2012-4159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4159\n[ 19 ] CVE-2012-4160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4160\n[ 20 ] CVE-2012-4363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4363\n[ 21 ] CVE-2013-0601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0601\n[ 22 ] CVE-2013-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0602\n[ 23 ] CVE-2013-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0603\n[ 24 ] CVE-2013-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0604\n[ 25 ] CVE-2013-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0605\n[ 26 ] CVE-2013-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0606\n[ 27 ] CVE-2013-0607\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0607\n[ 28 ] CVE-2013-0608\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0608\n[ 29 ] CVE-2013-0609\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0609\n[ 30 ] CVE-2013-0610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0610\n[ 31 ] CVE-2013-0611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0611\n[ 32 ] CVE-2013-0612\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0612\n[ 33 ] CVE-2013-0613\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0613\n[ 34 ] CVE-2013-0614\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0614\n[ 35 ] CVE-2013-0615\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0615\n[ 36 ] CVE-2013-0616\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0616\n[ 37 ] CVE-2013-0617\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0617\n[ 38 ] CVE-2013-0618\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0618\n[ 39 ] CVE-2013-0619\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0619\n[ 40 ] CVE-2013-0620\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0620\n[ 41 ] CVE-2013-0621\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0621\n[ 42 ] CVE-2013-0622\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0622\n[ 43 ] CVE-2013-0623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0623\n[ 44 ] CVE-2013-0624\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0624\n[ 45 ] CVE-2013-0626\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0626\n[ 46 ] CVE-2013-0627\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0627\n[ 47 ] CVE-2013-0640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0640\n[ 48 ] CVE-2013-0641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0641\n[ 49 ] CVE-2013-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2549\n[ 50 ] CVE-2013-2550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2550\n[ 51 ] CVE-2013-2718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2718\n[ 52 ] CVE-2013-2719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2719\n[ 53 ] CVE-2013-2720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2720\n[ 54 ] CVE-2013-2721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2721\n[ 55 ] CVE-2013-2722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2722\n[ 56 ] CVE-2013-2723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2723\n[ 57 ] CVE-2013-2724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2724\n[ 58 ] CVE-2013-2725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2725\n[ 59 ] CVE-2013-2726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2726\n[ 60 ] CVE-2013-2727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2727\n[ 61 ] CVE-2013-2729\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2729\n[ 62 ] CVE-2013-2730\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2730\n[ 63 ] CVE-2013-2731\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2731\n[ 64 ] CVE-2013-2732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2732\n[ 65 ] CVE-2013-2733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2733\n[ 66 ] CVE-2013-2734\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2734\n[ 67 ] CVE-2013-2735\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2735\n[ 68 ] CVE-2013-2736\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2736\n[ 69 ] CVE-2013-2737\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2737\n[ 70 ] CVE-2013-3337\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3337\n[ 71 ] CVE-2013-3338\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3338\n[ 72 ] CVE-2013-3339\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3339\n[ 73 ] CVE-2013-3340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3340\n[ 74 ] CVE-2013-3341\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3341\n[ 75 ] CVE-2013-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3342\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201308-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe new Secunia CSI 6.0 is now available in beta!\nSeamless integration with your existing security solutions Sign-up to \nbecome a Beta tester: http://secunia.com/csi6beta\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50281\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50281/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nRELEASE DATE:\n2012-08-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50281/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50281/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader and Adobe\nAcrobat, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error can be exploited to cause a stack-based\nbuffer overflow. \n\n2) An unspecified error can be exploited to cause a buffer overflow. \n\n3) An unspecified error can be exploited to corrupt memory. \n\n4) Another unspecified error can be exploited to corrupt memory. \n\n5) Another unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow. \n\n7) Multiple unspecified errors can be exploited to corrupt memory. \n\n8) Two unspecified errors can be exploited to corrupt memory. \n\nNote: Vulnerability #8 affects the Macintosh platform only. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Pavel Polischouk, TELUS Security Labs\n2) An anonymous person via Beyond Security\n3) Mateusz Jurczyk, Google Security Team\n4, 8) James Quirk\n5) John Leitch, Microsoft\n6) Nicolas Gr\\xe9goire via iDefense\n7) Mateusz Jurczyk and Gynvael Coldwind, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://www.adobe.com/support/security/bulletins/apsb12-16.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4151"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "BID",
"id": "55010"
},
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4151",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50281",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "20344",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250",
"trust": 0.6
},
{
"db": "BID",
"id": "55010",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-57432",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-4151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122930",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"db": "BID",
"id": "55010"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"id": "VAR-201208-0432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57432"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:10:03.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"title": "APSB12-16 (cq08100817)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq08100817.html"
},
{
"title": "APSB12-16",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-16.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20120816.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16243"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4151"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2012/at120023.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4151"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50281"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20344"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4147"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0626"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4152"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2729"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0611"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2719"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4147"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4152"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0620"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2725"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0607"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4151"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1525"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2735"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0618"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2726"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2737"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4154"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2727"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0602"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1530"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0622"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4157"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4153"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4150"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4156"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0641"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0610"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2731"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4149"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2733"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4748"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3337"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2720"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0614"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1530"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2730"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0616"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0608"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0619"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0609"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0604"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0640"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4155"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2049"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2724"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0612"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0613"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2050"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0621"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0601"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50281/"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50281"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"db": "BID",
"id": "55010"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57432"
},
{
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"db": "BID",
"id": "55010"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"db": "PACKETSTORM",
"id": "122930"
},
{
"db": "PACKETSTORM",
"id": "115524"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-15T00:00:00",
"db": "VULHUB",
"id": "VHN-57432"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"date": "2012-08-14T00:00:00",
"db": "BID",
"id": "55010"
},
{
"date": "2012-08-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"date": "2013-08-23T06:29:02",
"db": "PACKETSTORM",
"id": "122930"
},
{
"date": "2012-08-14T04:36:45",
"db": "PACKETSTORM",
"id": "115524"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"date": "2012-08-15T10:31:41.350000",
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-57432"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4151"
},
{
"date": "2013-08-26T06:14:00",
"db": "BID",
"id": "55010"
},
{
"date": "2012-08-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003639"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-250"
},
{
"date": "2017-09-19T01:35:16.713000",
"db": "NVD",
"id": "CVE-2012-4151"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X upper Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003639"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-250"
}
],
"trust": 0.6
}
}
var-201412-0506
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain same-origin policy restrictions, which may aid in further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0506",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71557"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Inf\u00fchr of Cure53.de",
"sources": [
{
"db": "BID",
"id": "71557"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8453",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8453",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-76398",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8453",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8453",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-228",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76398",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76398"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain same-origin policy restrictions, which may aid in further attacks. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8453"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "BID",
"id": "71557"
},
{
"db": "VULHUB",
"id": "VHN-76398"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8453",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228",
"trust": 0.7
},
{
"db": "BID",
"id": "71557",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76398",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76398"
},
{
"db": "BID",
"id": "71557"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"id": "VAR-201412-0506",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76398"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:39:55.388000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76398"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8453"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8453"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76398"
},
{
"db": "BID",
"id": "71557"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76398"
},
{
"db": "BID",
"id": "71557"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76398"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71557"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"date": "2014-12-10T21:59:24.383000",
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76398"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71557"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005928"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-228"
},
{
"date": "2014-12-12T01:26:15.370000",
"db": "NVD",
"id": "CVE-2014-8453"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerabilities that bypass the same origin policy",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005928"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-228"
}
],
"trust": 0.6
}
}
var-201505-0312
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANMatchString method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3061",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3061",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3061",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81022",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3061",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3061",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3061",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-174",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81022",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "VULHUB",
"id": "VHN-81022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3060 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANMatchString method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3061"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81022"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3061",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-206",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2704",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81022",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "VULHUB",
"id": "VHN-81022"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"id": "VAR-201505-0312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81022"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:02.898000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55534"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55538"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55533"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55537"
},
{
"title": "AdbeRdrUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55532"
},
{
"title": "AcrobatUpd10114",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55536"
},
{
"title": "AdbeRdrUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55535"
},
{
"title": "AcrobatUpd11011",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=55539"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81022"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-206"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3061"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3061"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "VULHUB",
"id": "VHN-81022"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"db": "VULHUB",
"id": "VHN-81022"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81022"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"date": "2015-05-13T10:59:56.357000",
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-206"
},
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81022"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002639"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-174"
},
{
"date": "2017-01-05T19:53:23.940000",
"db": "NVD",
"id": "CVE-2015-3061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-174"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002639"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201510-0366
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-7624. This vulnerability CVE-2015-5583 , CVE-2015-6705 ,and CVE-2015-7624 Is a different vulnerability.An attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0366",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joel Brewer, Alex Inf\u00fchr of Cure53.de, AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "BID",
"id": "77070"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6706",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6706",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84667",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6706",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6706",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-219",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84667",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84667"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-7624. This vulnerability CVE-2015-5583 , CVE-2015-6705 ,and CVE-2015-7624 Is a different vulnerability.An attacker could bypass access restrictions and obtain important information. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6706"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "VULHUB",
"id": "VHN-84667"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6706",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219",
"trust": 0.7
},
{
"db": "BID",
"id": "77070",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84667"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"id": "VAR-201510-0366",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84667"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.085000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58068"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84667"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6706"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6706"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84667"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84667"
},
{
"db": "BID",
"id": "77070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84667"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"date": "2015-10-14T23:59:28.397000",
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84667"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77070"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005263"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-219"
},
{
"date": "2021-09-08T17:19:31.980000",
"db": "NVD",
"id": "CVE-2015-6706"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005263"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-219"
}
],
"trust": 0.6
}
}
var-201409-0422
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. This vulnerability CVE-2014-0561 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the replace() JavaScript function. By creating a specially crafted string followed by a replace call with specific arguments, an attacker can force a heap buffer to overflow. Failed exploit attempts likely result in denial-of-service conditions. Both Adobe Reader and Acrobat are products of the American company Adobe. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0422",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "BID",
"id": "69827"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0567",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0567",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0567",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0567",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0567",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2014-0567",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-585",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "VULHUB",
"id": "VHN-68060"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. This vulnerability CVE-2014-0561 Is a different vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the replace() JavaScript function. By creating a specially crafted string followed by a replace call with specific arguments, an attacker can force a heap buffer to overflow. Failed exploit attempts likely result in denial-of-service conditions. Both Adobe Reader and Acrobat are products of the American company Adobe. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0567"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "BID",
"id": "69827"
},
{
"db": "VULHUB",
"id": "VHN-68060"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0567",
"trust": 3.5
},
{
"db": "BID",
"id": "69827",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2432",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-323",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68060",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "VULHUB",
"id": "VHN-68060"
},
{
"db": "BID",
"id": "69827"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"id": "VAR-201409-0422",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68060"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:53.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "Adobe has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://t.info.adobesystems.com//r/?id=t35c7e2bc,808fe4f,83a379a"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68060"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69827"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95999"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0567"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0567"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.7,
"url": "http://t.info.adobesystems.com//r/?id=t35c7e2bc,808fe4f,83a379a"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "VULHUB",
"id": "VHN-68060"
},
{
"db": "BID",
"id": "69827"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"db": "VULHUB",
"id": "VHN-68060"
},
{
"db": "BID",
"id": "69827"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68060"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69827"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"date": "2014-09-17T10:55:06.870000",
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-14-323"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68060"
},
{
"date": "2014-09-17T14:37:00",
"db": "BID",
"id": "69827"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004245"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-585"
},
{
"date": "2017-08-29T01:34:12.840000",
"db": "NVD",
"id": "CVE-2014-0567"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004245"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-585"
}
],
"trust": 0.6
}
}
var-201510-0048
Vulnerability from variot
The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, and CVE-2015-7620. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 ,and CVE-2015-7620 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANAuthenticateResource method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANAAuthenticateResource method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
}
],
"trust": 0.7
},
"cve": "CVE-2015-7623",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-7623",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-7623",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-85584",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7623",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-7623",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-7623",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-248",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85584",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "VULHUB",
"id": "VHN-85584"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, and CVE-2015-7620. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 ,and CVE-2015-7620 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANAuthenticateResource method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANAAuthenticateResource method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7623"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-85584"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7623",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-510",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3117",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-85584",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "VULHUB",
"id": "VHN-85584"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"id": "VAR-201510-0048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-85584"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.576000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58097"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85584"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-510"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7623"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7623"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "VULHUB",
"id": "VHN-85584"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"db": "VULHUB",
"id": "VHN-85584"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-85584"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"date": "2015-10-14T23:59:56.840000",
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-510"
},
{
"date": "2020-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-85584"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005286"
},
{
"date": "2020-05-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-248"
},
{
"date": "2021-09-08T17:19:32.680000",
"db": "NVD",
"id": "CVE-2015-7623"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANAuthenticateResource In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005286"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-248"
}
],
"trust": 0.6
}
}
var-201510-0340
Vulnerability from variot
The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANTrustPropagateAll method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANTrustPropagateAll method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0340",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6723",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6723",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6723",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84684",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6723",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6723",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6723",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-236",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84684",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "VULHUB",
"id": "VHN-84684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANTrustPropagateAll method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANTrustPropagateAll method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6723"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84684"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6723",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-497",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3081",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84684",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "VULHUB",
"id": "VHN-84684"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"id": "VAR-201510-0340",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84684"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.915000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58085"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84684"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-497"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6723"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6723"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "VULHUB",
"id": "VHN-84684"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"db": "VULHUB",
"id": "VHN-84684"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84684"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"date": "2015-10-14T23:59:44.667000",
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-497"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84684"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005280"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-236"
},
{
"date": "2021-09-08T17:19:32.410000",
"db": "NVD",
"id": "CVE-2015-6723"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANTrustPropagateAll In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-236"
}
],
"trust": 0.6
}
}
var-201006-1242
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities.
Attackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions.
Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected.
This BID is being retired. The following individual records exist to better document the issues:
41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability
41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability
41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability
41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability
41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability
41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability
41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability
41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability
41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability
41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability
41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability
41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability
41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability
41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability
41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability.
Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. The issue is triggered when the reader tries to initialize the CoolType Typography Engine (cooltype.dll). This vulnerability also affects and crashes major browsers like: Mozilla Firefox, Opera and Apple Safari. Google Chrome & IE does not crash. Talking about Blended Threat Vulnerabilities ;).
-------------------------------------------------------------------------------- (bd0.e14): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=313100ee ebx=0211a722 ecx=00000031 edx=02e091a4 esi=00017e58 edi=00000000
eip=08075dc2 esp=0012d478 ebp=0012d488 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206
CoolType!CTInit+0x2f827:
08075dc2 660fb644322c movzx ax,byte ptr [edx+esi+2Ch] ds:0023:02e21028=??
--------------------------------------------------------------------------------
Tested on: Microsoft Windows XP Professional SP3 (English)Microsoft Windows XP Professional SP2 (English)Microsoft Windows 7 UltimateGNU/Linux Ubuntu Desktop 9.10 (i386) 32-bitGNU/Linux Fedora 10 (Cambridge) / 2.6.27.41-170.2.117.fc10.i686. Remote attackers can cause denial of service or possible execution through unknown vectors. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable.
Overview
According to Adobe, there is a vulnerability in Adobe Flash. This vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE----- .
SOLUTION: Delete, rename, or remove access to authplay.dll to prevent running SWF content in PDF files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1242",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.1,
"vendor": "adobe incorporated",
"version": "9.3.1 and 9.3.2"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41231"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gjoko \u0027LiquidWorm\u0027 Krstic",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
}
],
"trust": 0.6
},
"cve": "CVE-2010-2204",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2204",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-44809",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2204",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-2204",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-482",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "ZSL",
"id": "ZSL-2010-4943",
"trust": 0.1,
"value": "(4/5)"
},
{
"author": "VULHUB",
"id": "VHN-44809",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44809"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. Adobe Flash contains a vulnerability in the handling of the ActionScript newfunction instruction, which can allow a remote, unauthenticated attacker to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code or cause denial-of-service conditions. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nThis BID is being retired. The following individual records exist to better document the issues:\n41230 Adobe Acrobat and Reader CVE-2010-1295 Remote Memory Corruption Vulnerability\n41231 Adobe Acrobat and Reader CoolType Typography Engine Remote Denial of Service Vulnerability\n41232 Adobe Acrobat andReader CVE-2010-1285 Remote Code Execution Vulnerability\n41234 Adobe Acrobat and Reader CVE-2010-2202 Remote Memory Corruption Vulnerability\n41235 Adobe Acrobat and Reader CVE-2010-2203 Remote Memory Corruption Vulnerability\n41236 Adobe Acrobat and Reader CVE-2010-2168 Remote Code Execution Vulnerability\n41237 Adobe Acrobat and Reader CVE-2010-2201 Remote Code Execution Vulnerability\n41238 Adobe Acrobat and Reader CVE-2010-2205 Remote Code Execution Vulnerability\n41239 Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability\n41240 Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability\n41241 Adobe Acrobat and Reader CVE-2010-2206 Remote Code Execution Vulnerability\n41242 Adobe Acrobat and Reader CVE-2010-2210 Remote Memory Corruption Vulnerability\n41243 Adobe Acrobat and Reader CVE-2010-2211 Remote Memory Corruption Vulnerability\n41244 Adobe Acrobat and Reader CVE-2010-2208 Remote Code Execution Vulnerability\n41245 Adobe Acrobat and Reader CVE-2010-2212 Remote Memory Corruption Vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed. Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. The issue is triggered when the reader tries to initialize the CoolType Typography Engine (cooltype.dll). This vulnerability also affects and crashes major browsers like: Mozilla Firefox, Opera and Apple Safari. Google Chrome \u0026amp; IE does not crash. Talking about Blended Threat Vulnerabilities ;).\u003cbr/\u003e\u003cbr/\u003e --------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003e\u003ccode\u003e (bd0.e14): Access violation - code c0000005 (first chance)\u003cbr/\u003e First chance exceptions are reported before any exception handling.\u003cbr/\u003e This exception may be expected and handled.\u003cbr/\u003e eax=313100ee ebx=0211a722 ecx=00000031 edx=02e091a4 esi=00017e58 edi=00000000\u003cbr/\u003e eip=08075dc2 esp=0012d478 ebp=0012d488 iopl=0 nv up ei pl nz na pe nc\u003cbr/\u003e cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206\u003cbr/\u003e CoolType!CTInit+0x2f827:\u003cbr/\u003e 08075dc2 660fb644322c movzx ax,byte ptr [edx+esi+2Ch] ds:0023:02e21028=??\u003cbr/\u003e\u003c/code\u003e\u003cbr/\u003e--------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003eTested on: Microsoft Windows XP Professional SP3 (English)Microsoft Windows XP Professional SP2 (English)Microsoft Windows 7 UltimateGNU/Linux Ubuntu Desktop 9.10 (i386) 32-bitGNU/Linux Fedora 10 (Cambridge) / 2.6.27.41-170.2.117.fc10.i686. Remote attackers can cause denial of service or possible execution through unknown vectors. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. \n\n\nOverview\n\n According to Adobe, there is a vulnerability in Adobe Flash. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n. \n\nSOLUTION:\nDelete, rename, or remove access to authplay.dll to prevent running\nSWF content in PDF files",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2204"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41231"
},
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "VULHUB",
"id": "VHN-44809"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.zeroscience.mk/codes/acrobat_poc.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-44809",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44809"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2204",
"trust": 3.0
},
{
"db": "BID",
"id": "41231",
"trust": 2.3
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482",
"trust": 0.7
},
{
"db": "ZSL",
"id": "ZSL-2010-4943",
"trust": 0.5
},
{
"db": "BID",
"id": "41130",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "14121",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "40034",
"trust": 0.2
},
{
"db": "AUSCERT",
"id": "ESB-2010.0583",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "65915",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91308",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-69210",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-44809",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90321",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44809"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41231"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"id": "VAR-201006-1242",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44809"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T19:45:25.533000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/41231"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7242"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2204"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2010-4943.php"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2204"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/41130"
},
{
"trust": 0.1,
"url": "http://www.exploit-db.com/exploits/14121/"
},
{
"trust": 0.1,
"url": "http://securitytracker.com/alerts/2010/jun/1024159.html"
},
{
"trust": 0.1,
"url": "http://www.packetstormsecurity.org/filedesc/zsl-2010-4943.txt.html"
},
{
"trust": 0.1,
"url": "http://securityreason.com/exploitalert/8377"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034"
},
{
"trust": 0.1,
"url": "http://www.auscert.org.au/render.html?it=13010"
},
{
"trust": 0.1,
"url": "http://www.juniper.net/security/auto/vulnerabilities/vuln41231.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20787"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0503.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-2204.html"
},
{
"trust": 0.1,
"url": "http://www.scip.ch/?nasldb.47164"
},
{
"trust": 0.1,
"url": "http://www.cpni.gov.uk/products/alerts/3949.aspx"
},
{
"trust": 0.1,
"url": "http://www.alertra.com/security-checks.php?id=47165"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/65915"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40034"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40034/#comments"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44809"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41231"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-44809"
},
{
"db": "BID",
"id": "41130"
},
{
"db": "BID",
"id": "41231"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "PACKETSTORM",
"id": "90321"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-29T00:00:00",
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44809"
},
{
"date": "2010-06-24T00:00:00",
"db": "BID",
"id": "41130"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41231"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-07T11:14:25",
"db": "PACKETSTORM",
"id": "90321"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"date": "2010-06-30T18:30:01.613000",
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-02T00:00:00",
"db": "ZSL",
"id": "ZSL-2010-4943"
},
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44809"
},
{
"date": "2010-06-29T22:08:00",
"db": "BID",
"id": "41130"
},
{
"date": "2015-03-19T09:15:00",
"db": "BID",
"id": "41231"
},
{
"date": "2010-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001710"
},
{
"date": "2010-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-482"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-2204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-482"
}
],
"trust": 0.6
}
}
var-201505-0293
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the indexOfNextEssential method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0293",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Simon Zuckerbraun - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
}
],
"trust": 0.7
},
"cve": "CVE-2015-3060",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-3060",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81021",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3060",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3060",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-3060",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-173",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81021",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "VULHUB",
"id": "VHN-81021"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074. This vulnerability CVE-2015-3061 , CVE-2015-3062 , CVE-2015-3063 , CVE-2015-3064 , CVE-2015-3065 , CVE-2015-3066 , CVE-2015-3067 , CVE-2015-3068 , CVE-2015-3069 , CVE-2015-3071 , CVE-2015-3072 , CVE-2015-3073 and CVE-2015-3074 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlBy the attacker, JavaScript API May limit the execution limit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the indexOfNextEssential method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the JavaScript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3060"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "VULHUB",
"id": "VHN-81021"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3060",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-208",
"trust": 1.8
},
{
"db": "BID",
"id": "74604",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2702",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81021",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "VULHUB",
"id": "VHN-81021"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"id": "VAR-201505-0293",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81021"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.851000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81021"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74604"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-208"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3060"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3060"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "VULHUB",
"id": "VHN-81021"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"db": "VULHUB",
"id": "VHN-81021"
},
{
"db": "BID",
"id": "74604"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81021"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"date": "2015-05-13T10:59:55.467000",
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-12T00:00:00",
"db": "ZDI",
"id": "ZDI-15-208"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-81021"
},
{
"date": "2015-05-15T01:17:00",
"db": "BID",
"id": "74604"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002638"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-173"
},
{
"date": "2017-01-03T19:02:37.577000",
"db": "NVD",
"id": "CVE-2015-3060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-173"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat In JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002638"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "74604"
}
],
"trust": 0.3
}
}
var-201004-0132
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. This vulnerability CVE-2010-0193 and CVE-2010-0196 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue arbitrary code execution may also be possible but this has not been confirmed. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh Note: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0132",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0192",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42797",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0192",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0192",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-245",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42797",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-0192",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42797"
},
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. This vulnerability CVE-2010-0193 and CVE-2010-0196 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue arbitrary code execution may also be possible but this has not been confirmed. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNote: This vulnerability was previously documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities) but has been given its own record to better document the issue. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0192"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42797"
},
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0192",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.1
},
{
"db": "BID",
"id": "39523",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-42797",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0873",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0192",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42797"
},
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"id": "VAR-201004-0132",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42797"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:15:18.449000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100349 - Security Advisory"
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7046"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0192"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39523"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0349"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42797"
},
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42797"
},
{
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42797"
},
{
"date": "2010-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39523"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"date": "2010-04-14T16:00:00.727000",
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42797"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0192"
},
{
"date": "2015-03-19T08:16:00",
"db": "BID",
"id": "39523"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001348"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-245"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001348"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "39523"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
}
}
var-201004-0134
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0197 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. The following products are affected: Adobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX Adobe Acrobat 9.3.1 and prior for Windows and Macintosh Adobe Reader 8.2.1 and prior for Windows and Macintosh Acrobat 8.2.1 and prior for Windows and Macintosh NOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability.
Impact:
Remote Code Execution.
Risk:
High. The vulnerable X3D component is a plugin used to display 3D material, which when present in a PDF document, can lead to exploitation (CVE-2010-0194).
* Memory corruption through heap overflow in "CoolType.dll"
(CVE-2010-1241).
The vulnerabilities are triggered when opening and rendering a PDF document. A remote attacker could craft a malicious document which exploits either one of these vulnerabilities, allowing them to compromise a system.
FortiGuard Labs released the following signatures to protect against these vulnerabilities
* "Adobe.Reader.DeviceRGB.Subtype.Stream.Memory.Corruption", previously
released as "FG-VD-10-003-Adobe" (CVE-2010-0194).
* "Adobe.Reader.Acrobat.Pro.CFF.Encodings.Handling.Heap.Overflow",
previously released as "FG-VD-10-005-Adobe" (CVE-2010-1241).
References:
* Adobe Security Bulletin:
http://www.adobe.com/support/security/bulletins/apsb10-09.html
* CVE ID: CVE-2010-0194
* CVE ID: CVE-2010-1241
Acknowledgment:
* Bing Liu of Fortinet's FortiGuard Labs (CVE-2010-0194)
* Haifei Li of Fortinet's FortiGuard Labs (CVE-2010-1241)
.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- .
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0134",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
}
],
"sources": [
{
"db": "BID",
"id": "39469"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bing Liu of Fortinet\u0027s FortiGuard Labs",
"sources": [
{
"db": "BID",
"id": "39469"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
}
],
"trust": 0.9
},
"cve": "CVE-2010-0194",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0194",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42799",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0194",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0194",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-247",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42799",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0197 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. \nThe following products are affected:\nAdobe Reader 9.3.1 and prior for Windows, Macintosh, and UNIX\nAdobe Acrobat 9.3.1 and prior for Windows and Macintosh\nAdobe Reader 8.2.1 and prior for Windows and Macintosh\nAcrobat 8.2.1 and prior for Windows and Macintosh\nNOTE: This issue was originally documented in BID 39329 (Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities); it has been assigned its own BID to better document the vulnerability. \n\n \n\nImpact:\n\n \n\nRemote Code Execution. \n\n \n\nRisk:\n\n \n\nHigh. The vulnerable X3D component is a\nplugin used to display 3D material, which when present in a PDF document,\ncan lead to exploitation (CVE-2010-0194). \n\n * Memory corruption through heap overflow in \"CoolType.dll\"\n(CVE-2010-1241). \n\n \n\nThe vulnerabilities are triggered when opening and rendering a PDF document. \nA remote attacker could craft a malicious document which exploits either one\nof these vulnerabilities, allowing them to compromise a system. \n\n \n\nFortiGuard Labs released the following signatures to protect against these\nvulnerabilities\n\n \n\n * \"Adobe.Reader.DeviceRGB.Subtype.Stream.Memory.Corruption\", previously\nreleased as \"FG-VD-10-003-Adobe\" (CVE-2010-0194). \n\n * \"Adobe.Reader.Acrobat.Pro.CFF.Encodings.Handling.Heap.Overflow\",\npreviously released as \"FG-VD-10-005-Adobe\" (CVE-2010-1241). \n\n \n\nReferences:\n\n \n\n * Adobe Security Bulletin:\nhttp://www.adobe.com/support/security/bulletins/apsb10-09.html\n\n * CVE ID: CVE-2010-0194\n\n * CVE ID: CVE-2010-1241\n\n \n\n \n\nAcknowledgment:\n\n \n\n * Bing Liu of Fortinet\u0027s FortiGuard Labs (CVE-2010-0194)\n\n * Haifei Li of Fortinet\u0027s FortiGuard Labs (CVE-2010-1241)\n\n \n\n \n\n. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0194"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "BID",
"id": "39469"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42799",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0194",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "BID",
"id": "39469",
"trust": 1.2
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "88347",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "BID",
"id": "39469"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"id": "VAR-201004-0134",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:58:47.722000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6823"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0194"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/39469"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.fortiguard.com/advisory/fga-2010-18.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "BID",
"id": "39469"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42799"
},
{
"db": "BID",
"id": "39469"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42799"
},
{
"date": "2010-04-13T00:00:00",
"db": "BID",
"id": "39469"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"date": "2010-04-14T07:07:17",
"db": "PACKETSTORM",
"id": "88347"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"date": "2010-04-14T16:00:00.790000",
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42799"
},
{
"date": "2015-03-19T09:27:00",
"db": "BID",
"id": "39469"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001350"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-247"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0194"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "88347"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001350"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-247"
}
],
"trust": 0.6
}
}
var-201601-0591
Vulnerability from variot
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0591",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30119 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20056 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.14 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.009.20077"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30097"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Gorenc of HPE\u0027s Zero Day Initiative, Mahinthan Chandramohan, Wei Lei and Liu Yang working with iDefense\u0027s Vulnerability Contributor Program, Jaanus Kp of Clarified Security, working with HPE\u0027s Zero Day Initiative, Chris Navarrete of Fortinet\u0027s FortiG",
"sources": [
{
"db": "BID",
"id": "80361"
}
],
"trust": 0.3
},
"cve": "CVE-2016-0945",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-0945",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88455",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-0945",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-0945",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-0945",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-245",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88455",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88455"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946. This vulnerability CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 ,and CVE-2016-0946 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0945"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "VULHUB",
"id": "VHN-88455"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0945",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034646",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245",
"trust": 0.6
},
{
"db": "ZDI",
"id": "ZDI-16-014",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-015",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-009",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-013",
"trust": 0.3
},
{
"db": "BID",
"id": "80361",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-88455",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88455"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"id": "VAR-201601-0591",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88455"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:32:57.896000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"title": "APSB16-02",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160114.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59592"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88455"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034646"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0945"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160003.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0945"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17575"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.3,
"url": "https://helpx.adobe.com/security/products/reader/apsb16-02.html"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-009/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-013/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-014/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-015/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88455"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88455"
},
{
"db": "BID",
"id": "80361"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88455"
},
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"date": "2016-01-14T05:59:13.910000",
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-88455"
},
{
"date": "2016-01-14T23:58:00",
"db": "BID",
"id": "80361"
},
{
"date": "2016-01-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001047"
},
{
"date": "2016-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-245"
},
{
"date": "2016-12-07T23:42:15.943000",
"db": "NVD",
"id": "CVE-2016-0945"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001047"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-245"
}
],
"trust": 0.6
}
}
var-201412-0449
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460. This vulnerability CVE-2014-8457 and CVE-2014-8460 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.10 Adobe Reader 10.x versions prior to 10.1.13 Adobe Acrobat 11.x versions prior to 11.0.10 Adobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0449",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "71580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team.",
"sources": [
{
"db": "BID",
"id": "71580"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9159",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-9159",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-77104",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9159",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9159",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-238",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-77104",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77104"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460. This vulnerability CVE-2014-8457 and CVE-2014-8460 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.10\nAdobe Reader 10.x versions prior to 10.1.13\nAdobe Acrobat 11.x versions prior to 11.0.10\nAdobe Acrobat 10.x versions prior to 10.1.13. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9159"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "BID",
"id": "71580"
},
{
"db": "VULHUB",
"id": "VHN-77104"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9159",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238",
"trust": 0.7
},
{
"db": "BID",
"id": "71580",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-77104",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77104"
},
{
"db": "BID",
"id": "71580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"id": "VAR-201412-0449",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77104"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:21:02.873000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9159"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9159"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77104"
},
{
"db": "BID",
"id": "71580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77104"
},
{
"db": "BID",
"id": "71580"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-77104"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71580"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"date": "2014-12-10T21:59:33.430000",
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-77104"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71580"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005938"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-238"
},
{
"date": "2014-12-12T01:40:55.657000",
"db": "NVD",
"id": "CVE-2014-9159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005938"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-238"
}
],
"trust": 0.6
}
}
var-201510-0351
Vulnerability from variot
The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the createSquareMesh function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the 'createSquareMesh' function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0351",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6702",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6702",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84663",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6702",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6702",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6702",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-215",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84663",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6702",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the createSquareMesh function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the \u0027createSquareMesh\u0027 function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6702"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "VULMON",
"id": "CVE-2015-6702"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6702",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3049",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215",
"trust": 0.7
},
{
"db": "BID",
"id": "77067",
"trust": 0.4
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84663",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6702",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"id": "VAR-201510-0351",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84663"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.495000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58064"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6702"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6702"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/772.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/77067"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41495"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"db": "VULHUB",
"id": "VHN-84663"
},
{
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84663"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"date": "2015-10-14T23:59:24.740000",
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-480"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84663"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6702"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005259"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-215"
},
{
"date": "2021-09-08T17:19:31.890000",
"db": "NVD",
"id": "CVE-2015-6702"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of createSquareMesh Vulnerability in function that can retrieve important information from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005259"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-215"
}
],
"trust": 0.6
}
}
var-201510-0368
Vulnerability from variot
The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANStartApproval method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANStartApproval method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0368",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6708",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6708",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6708",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84669",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6708",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6708",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6708",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-221",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84669",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "VULHUB",
"id": "VHN-84669"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANStartApproval method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANStartApproval method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6708"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84669"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6708",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-484",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3059",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84669",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "VULHUB",
"id": "VHN-84669"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"id": "VAR-201510-0368",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84669"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:37.459000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58070"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84669"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-484"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6708"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6708"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "VULHUB",
"id": "VHN-84669"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"db": "VULHUB",
"id": "VHN-84669"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84669"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"date": "2015-10-14T23:59:30.303000",
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-484"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84669"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005265"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-221"
},
{
"date": "2021-09-08T17:19:32.030000",
"db": "NVD",
"id": "CVE-2015-6708"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANStartApproval In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005265"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-221"
}
],
"trust": 0.6
}
}
var-201510-0097
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri of HP Zero Day Initiative, Bill Finlayson of Vectra Networks, bilou working with VeriSign iDefense Labs, James Loureiro of MWR Labs, kdot working with HP\u0027s\u0027s Zero Day Initiative, Wei Lei and Wu Hongjun of Nanyang Technological University w",
"sources": [
{
"db": "BID",
"id": "77064"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5586",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-83547",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5586",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-5586",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-195",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-83547",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6688 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-83547"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5586",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-83547",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83547"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"id": "VAR-201510-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83547"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.770000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58044"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83547"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5586"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5586"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83547"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83547"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-83547"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"date": "2015-10-14T23:59:03.453000",
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-83547"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005239"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-195"
},
{
"date": "2021-09-08T17:19:31.413000",
"db": "NVD",
"id": "CVE-2015-5586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005239"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-195"
}
],
"trust": 0.6
}
}
var-201510-0359
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy the attacker, WillSave document Cleverly crafted in action Optional Content Groups (OCG) Arbitrary code may be executed through the object. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of OCG objects within the WillSave document action. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0359",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6688",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6688",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6688",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84649",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6688",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6688",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6688",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-201",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84649",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "VULHUB",
"id": "VHN-84649"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621. This vulnerability CVE-2015-5586 , CVE-2015-6683 , CVE-2015-6684 , CVE-2015-6687 , CVE-2015-6689 , CVE-2015-6690 , CVE-2015-6691 , CVE-2015-7615 , CVE-2015-7617 ,and CVE-2015-7621 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlBy the attacker, WillSave document Cleverly crafted in action Optional Content Groups (OCG) Arbitrary code may be executed through the object. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of OCG objects within the WillSave document action. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A use-after-free vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6688"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "VULHUB",
"id": "VHN-84649"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6688",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-469",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2997",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-508",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-470",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-493",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-474",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-492",
"trust": 0.3
},
{
"db": "BID",
"id": "77064",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84649",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "VULHUB",
"id": "VHN-84649"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"id": "VAR-201510-0359",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84649"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.994000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58050"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84649"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6688"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6688"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-469/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-470/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-474/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-492/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-493/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-508/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "VULHUB",
"id": "VHN-84649"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"db": "VULHUB",
"id": "VHN-84649"
},
{
"db": "BID",
"id": "77064"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84649"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"date": "2015-10-14T23:59:09.987000",
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-469"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84649"
},
{
"date": "2015-10-26T17:00:00",
"db": "BID",
"id": "77064"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005245"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-201"
},
{
"date": "2021-09-08T17:19:31.573000",
"db": "NVD",
"id": "CVE-2015-6688"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005245"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-201"
}
],
"trust": 0.6
}
}
var-201412-0505
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0505",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71573"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team",
"sources": [
{
"db": "BID",
"id": "71573"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8458",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8458",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-76403",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8458",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-8458",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-233",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-76403",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-8458",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8458"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "BID",
"id": "71573"
},
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "VULMON",
"id": "CVE-2014-8458"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8458",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233",
"trust": 0.7
},
{
"db": "BID",
"id": "71573",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76403",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-8458",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"db": "BID",
"id": "71573"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"id": "VAR-201412-0505",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76403"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:52:25.696000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8458"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8458"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"db": "BID",
"id": "71573"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76403"
},
{
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"db": "BID",
"id": "71573"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76403"
},
{
"date": "2014-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71573"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"date": "2014-12-10T21:59:29.180000",
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76403"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8458"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71573"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005933"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-233"
},
{
"date": "2014-12-12T01:35:35.757000",
"db": "NVD",
"id": "CVE-2014-8458"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005933"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-233"
}
],
"trust": 0.6
}
}
var-201102-0021
Vulnerability from variot
Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585. This vulnerability CVE-2011-0585 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected application to crash. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0021",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "46204"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0565",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48510",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0565",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0565",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-155",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48510",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48510"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585. This vulnerability CVE-2011-0585 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected application to crash. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0565"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "BID",
"id": "46204"
},
{
"db": "VULHUB",
"id": "VHN-48510"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0565",
"trust": 2.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "BID",
"id": "46204",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48510",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48510"
},
{
"db": "BID",
"id": "46204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"id": "VAR-201102-0021",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48510"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:16:31.080000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/46204"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12606"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0565"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0565"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48510"
},
{
"db": "BID",
"id": "46204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48510"
},
{
"db": "BID",
"id": "46204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48510"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46204"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"date": "2011-02-10T18:00:57.987000",
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48510"
},
{
"date": "2015-03-19T08:45:00",
"db": "BID",
"id": "46204"
},
{
"date": "2011-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001192"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-155"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001192"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-155"
}
],
"trust": 0.6
}
}
var-201102-0072
Vulnerability from variot
Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589. This vulnerability CVE-2011-0563 and CVE-2011-0589 Is a different vulnerability.Arbitrary code is executed or service operation is interrupted by a third party (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the rt3d.dll component explicitly trusting a length embedded within a particular file in order to calculate the length of a buffer. The application will then duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network.
-- Vendor Response: Adobe has issued an update to correct this vulnerability. More details can be found at:
http://www.adobe.com/support/security/bulletins/apsb11-03.html
-- Disclosure Timeline: 2010-11-29 - Vulnerability reported to vendor 2011-02-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
}
],
"trust": 1.6
},
"cve": "CVE-2011-0606",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0606",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0606",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48551",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0606",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0606",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0606",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-131",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48551",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589. This vulnerability CVE-2011-0563 and CVE-2011-0589 Is a different vulnerability.Arbitrary code is executed or service operation is interrupted by a third party (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the rt3d.dll component explicitly trusting a length embedded within a particular file in order to calculate the length of a buffer. The application will then duplicate an arbitrarily sized string into a statically sized buffer located on the stack. This can lead to code execution under the context of the application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. \n\n-- Vendor Response:\nAdobe has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\n\n-- Disclosure Timeline:\n2010-11-29 - Vulnerability reported to vendor\n2011-02-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Anonymous\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0606"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98291"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48551",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48551"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0606",
"trust": 3.7
},
{
"db": "BID",
"id": "46201",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65309",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1003",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "98291",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48551",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98291"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"id": "VAR-201102-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48551"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:12:51.104000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46201"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516317/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12550"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65309"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0606"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65309"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0606"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98291"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"db": "VULHUB",
"id": "VHN-48551"
},
{
"db": "BID",
"id": "46201"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98291"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48551"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46201"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-08T22:46:52",
"db": "PACKETSTORM",
"id": "98291"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"date": "2011-02-10T18:00:59.037000",
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-08T00:00:00",
"db": "ZDI",
"id": "ZDI-11-075"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48551"
},
{
"date": "2013-06-20T09:39:00",
"db": "BID",
"id": "46201"
},
{
"date": "2011-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001216"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-131"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0606"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98291"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001216"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-131"
}
],
"trust": 0.6
}
}
var-201409-0429
Vulnerability from variot
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. The affected products are: Adobe Reader 11.x versions prior to 11.0.09 Adobe Reader 10.x versions prior to 10.1.12 Adobe Acrobat 11.x versions prior to 11.0.09 Adobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0429",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.09)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.12)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "69823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wei Lei and Wu Hongjun of Nanyang Technological University working with Verisign iDefense Labs.",
"sources": [
{
"db": "BID",
"id": "69823"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0560",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0560",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-68053",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0560",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0560",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-579",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-68053",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68053"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. \nThe affected products are:\nAdobe Reader 11.x versions prior to 11.0.09\nAdobe Reader 10.x versions prior to 10.1.12\nAdobe Acrobat 11.x versions prior to 11.0.09\nAdobe Acrobat 10.x versions prior to 10.1.12. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0560"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "BID",
"id": "69823"
},
{
"db": "VULHUB",
"id": "VHN-68053"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0560",
"trust": 2.8
},
{
"db": "BID",
"id": "69823",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1030853",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-68053",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68053"
},
{
"db": "BID",
"id": "69823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"id": "VAR-201409-0429",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-68053"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:53.323000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"title": "APSB14-20",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-20.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20140918.html"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51675"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51679"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51674"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51678"
},
{
"title": "AdbeRdrUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51673"
},
{
"title": "AcrobatUpd10112",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51677"
},
{
"title": "AdbeRdrUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51676"
},
{
"title": "AcrobatUpd11009",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51680"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68053"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-20.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69823"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030853"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96001"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0560"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140917-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140036.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0560"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=14605"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68053"
},
{
"db": "BID",
"id": "69823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-68053"
},
{
"db": "BID",
"id": "69823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-68053"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69823"
},
{
"date": "2014-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"date": "2014-09-17T10:55:06.573000",
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-68053"
},
{
"date": "2014-09-16T00:00:00",
"db": "BID",
"id": "69823"
},
{
"date": "2014-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004239"
},
{
"date": "2014-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-579"
},
{
"date": "2017-08-29T01:34:12.387000",
"db": "NVD",
"id": "CVE-2014-0560"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004239"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-579"
}
],
"trust": 0.6
}
}
var-201309-0158
Vulnerability from variot
Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3358. This vulnerability CVE-2013-3358 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified remote integer-overflow vulnerability. Failed attacks may cause a denial-of-service condition. Note: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62433"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carlos Mario Penagos Hollmann of IOActive",
"sources": [
{
"db": "BID",
"id": "62433"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3357",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3357",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63359",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3357",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3357",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-152",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63359",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63359"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3358. This vulnerability CVE-2013-3358 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to an unspecified remote integer-overflow vulnerability. Failed attacks may cause a denial-of-service condition. \nNote: This issue was previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3357"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "BID",
"id": "62433"
},
{
"db": "VULHUB",
"id": "VHN-63359"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3357",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152",
"trust": 0.7
},
{
"db": "BID",
"id": "62433",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63359",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63359"
},
{
"db": "BID",
"id": "62433"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"id": "VAR-201309-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63359"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:14:21.277000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.1
},
{
"problemtype": "CWE-94",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63359"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19064"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3357"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3357"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63359"
},
{
"db": "BID",
"id": "62433"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63359"
},
{
"db": "BID",
"id": "62433"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63359"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62433"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"date": "2013-09-12T13:28:24.533000",
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63359"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62433"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004082"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-152"
},
{
"date": "2017-09-19T01:36:40.797000",
"db": "NVD",
"id": "CVE-2013-3357"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004082"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-152"
}
],
"trust": 0.6
}
}
var-201510-0349
Vulnerability from variot
The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6701 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the setBackground function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the 'setBackground' function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6700",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6700",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 2.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84661",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6700",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6700",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6700",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-213",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84661",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6700",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6701 , CVE-2015-6702 , CVE-2015-6703 ,and CVE-2015-6704 Is a different vulnerability.An attacker could retrieve important information from process memory via an invalid argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the setBackground function. The issue lies in excess values being returned in the error message when improper arguments are given. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the \u0027setBackground\u0027 function of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6700"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "VULMON",
"id": "CVE-2015-6700"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6700",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3047",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213",
"trust": 0.7
},
{
"db": "BID",
"id": "77067",
"trust": 0.4
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84661",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6700",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"id": "VAR-201510-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84661"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.790000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58062"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6700"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6700"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/772.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/77067"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41495"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"db": "VULHUB",
"id": "VHN-84661"
},
{
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84661"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"date": "2015-10-14T23:59:22.677000",
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-478"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84661"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6700"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005257"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-213"
},
{
"date": "2021-09-08T17:19:31.850000",
"db": "NVD",
"id": "CVE-2015-6700"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of setBackground Vulnerability in function that can retrieve important information from process memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005257"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-213"
}
],
"trust": 0.6
}
}
var-200912-0743
Vulnerability from variot
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. An attacker can exploit this issue by supplying a malicious PDF file or webpage. Failed attempts will likely result in denial-of-service conditions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. The Adobe Reader browser plug-in is available for several web browsers and operating systems and will automatically open PDF documents on websites. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files.
II.
III. AFFECTED PRODUCTS
Adobe Reader version 9.2 and prior Adobe Acrobat version 9.2 and prior
IV. Exploits - PoCs & Binary Analysis
In-depth binary analysis of the vulnerability and a code execution exploit have been released by VUPEN Security through the VUPEN Exploits & PoCs Service :
http://www.vupen.com/exploits
V. SOLUTION
Upgrade to version 9.3 or 8.2.
VI. CREDIT
The vulnerability was discovered by Nicolas JOLY of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management services to allow enterprises and organizations to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
VUPEN also provides research services for security vendors (antivirus, IDS, IPS,etc) to supplement their internal vulnerability research efforts and quickly develop vulnerability-based and exploit-based signatures, rules, and filters, and proactively protect their customers against potential threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services
- VUPEN Exploits and In-Depth Vulnerability Analysis:
http://www.vupen.com/exploits
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/0103 http://www.adobe.com/support/security/bulletins/apsb10-02.html
IX. DISCLOSURE TIMELINE
2009-11-06 - Vendor notified 2009-11-06 - Vendor response 2009-12-10 - Status update received 2010-01-07 - Status update received 2009-01-13 - Coordinated public Disclosure
. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Adobe Reader/Acrobat Code Execution Vulnerability
SECUNIA ADVISORY ID: SA37690
VERIFY ADVISORY: http://secunia.com/advisories/37690/
DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.
NOTE: This vulnerability is currently being actively exploited.
The vulnerability is reported in versions 9.2 and prior.
SOLUTION: Do not open untrusted PDF files.
Do not visit untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.02"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5a"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "4.0.5c"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "5.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks callpilot 200i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "BID",
"id": "37756"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Joly",
"sources": [
{
"db": "PACKETSTORM",
"id": "85207"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
}
],
"trust": 0.7
},
"cve": "CVE-2009-3959",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3959",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41405",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3959",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#508357",
"trust": 0.8,
"value": "65.84"
},
{
"author": "NVD",
"id": "CVE-2009-3959",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-092",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41405",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2009-3959",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. \nAn attacker can exploit this issue by supplying a malicious PDF file or webpage. Failed attempts will likely result in denial-of-service conditions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. The Adobe Reader browser plug-in is available for several web browsers and operating systems and will automatically open PDF documents on websites. \nThey are used to create, view, search, digitally sign, verify, print, and\ncollaborate on Adobe PDF files. \n\n\nII. \n\n\nIII. AFFECTED PRODUCTS\n--------------------------------\n\nAdobe Reader version 9.2 and prior\nAdobe Acrobat version 9.2 and prior\n\n\nIV. Exploits - PoCs \u0026 Binary Analysis\n----------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution\nexploit have been released by VUPEN Security through the\nVUPEN Exploits \u0026 PoCs Service :\n\nhttp://www.vupen.com/exploits\n\n\nV. SOLUTION\n---------------- \n\nUpgrade to version 9.3 or 8.2. \n\n\nVI. CREDIT\n-------------- \n\nThe vulnerability was discovered by Nicolas JOLY of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement services to allow enterprises and organizations to eliminate\nvulnerabilities before they can be exploited, ensure security policy\ncompliance and meaningfully measure and manage risks. \n\nVUPEN also provides research services for security vendors (antivirus,\nIDS, IPS,etc) to supplement their internal vulnerability research efforts\nand quickly develop vulnerability-based and exploit-based signatures,\nrules, and filters, and proactively protect their customers against\npotential threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services\n\n* VUPEN Exploits and In-Depth Vulnerability Analysis:\n\nhttp://www.vupen.com/exploits\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0103\nhttp://www.adobe.com/support/security/bulletins/apsb10-02.html\n\n\nIX. DISCLOSURE TIMELINE\n----------------------------------- \n\n2009-11-06 - Vendor notified\n2009-11-06 - Vendor response\n2009-12-10 - Status update received\n2010-01-07 - Status update received\n2009-01-13 - Coordinated public Disclosure\n\n\n. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nNOTE: This vulnerability is currently being actively exploited. \n\nThe vulnerability is reported in versions 9.2 and prior. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3959"
},
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "BID",
"id": "37756"
},
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "PACKETSTORM",
"id": "85207"
},
{
"db": "PACKETSTORM",
"id": "83870"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41405",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41405"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3959",
"trust": 3.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0103",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1023446",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA10-013A",
"trust": 2.6
},
{
"db": "BID",
"id": "37756",
"trust": 2.3
},
{
"db": "SECUNIA",
"id": "38215",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "38138",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "37690",
"trust": 0.9
},
{
"db": "OSVDB",
"id": "60980",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#508357",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-013A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-013A",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2010:008",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14342",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85207",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41405",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-3959",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83870",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "BID",
"id": "37756"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "PACKETSTORM",
"id": "85207"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"id": "VAR-200912-0743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41405"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T19:31:23.989000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"title": "APSB10-02",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
},
{
"title": "RHSA-2010:0037",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
},
{
"title": "RHSA-2010:0038",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
},
{
"title": "RHSA-2010:0060",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
},
{
"title": "TA10-013A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
},
{
"title": "Red Hat: Critical: acroread security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100037 - Security Advisory"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100038 - Security Advisory"
},
{
"title": "Red Hat: Critical: acroread security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100060 - Security Advisory"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.vupen.com/english/advisories/2010/0103"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
},
{
"trust": 2.6,
"url": "http://www.securitytracker.com/id?1023446"
},
{
"trust": 2.2,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/37756"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
},
{
"trust": 1.7,
"url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/508949"
},
{
"trust": 1.2,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8539"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/38138"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/38215"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55557"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/37690/"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
},
{
"trust": 0.8,
"url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
},
{
"trust": 0.8,
"url": "http://osvdb.org/show/osvdb/60980"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
},
{
"trust": 0.8,
"url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
},
{
"trust": 0.8,
"url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3959"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-013a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-03/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3959"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14342"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
},
{
"trust": 0.3,
"url": "/archive/1/508949"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3959"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "BID",
"id": "37756"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "PACKETSTORM",
"id": "85207"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#508357"
},
{
"db": "VULHUB",
"id": "VHN-41405"
},
{
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"db": "BID",
"id": "37756"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"db": "PACKETSTORM",
"id": "85207"
},
{
"db": "PACKETSTORM",
"id": "83870"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-12-15T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41405"
},
{
"date": "2010-01-13T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"date": "2010-01-12T00:00:00",
"db": "BID",
"id": "37756"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"date": "2010-01-16T01:01:58",
"db": "PACKETSTORM",
"id": "85207"
},
{
"date": "2009-12-15T13:39:57",
"db": "PACKETSTORM",
"id": "83870"
},
{
"date": "2010-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"date": "2010-01-13T19:30:00.593000",
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#508357"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41405"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3959"
},
{
"date": "2010-02-01T21:31:00",
"db": "BID",
"id": "37756"
},
{
"date": "2010-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001020"
},
{
"date": "2011-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-092"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2009-3959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Acrobat and Reader contain a use-after-free vulnerability in the JavaScript Doc.media.newPlayer method",
"sources": [
{
"db": "CERT/CC",
"id": "VU#508357"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-092"
}
],
"trust": 0.6
}
}
var-201102-0032
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joe Schatz of United States Senate, Office of the Sergeant at Arms, IT Security",
"sources": [
{
"db": "BID",
"id": "46214"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0586",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48531",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0586",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0586",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-149",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48531",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X do not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. \nAdobe Reader and Acrobat versions prior to 9.4.2 and 10.0.1 are affected. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0586"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "BID",
"id": "46214"
},
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0586",
"trust": 2.9
},
{
"db": "BID",
"id": "46214",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65291",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48531",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "BID",
"id": "46214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"id": "VAR-201102-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48531"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:37:32.512000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
},
{
"title": "Adobe Reader 10.0.1 update - Tier 1 languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38487"
},
{
"title": "Adobe Acrobat 9.4.2 Pro Extended update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38491"
},
{
"title": "Adobe Reader MUI 10.0.1 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38486"
},
{
"title": "Adobe Reader MUI 9.4.2 update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38490"
},
{
"title": "Adobe Acrobat 9.4.2 Pro update - multiple languages",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38494"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46214"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12535"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65291"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0586"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65291"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0586"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "BID",
"id": "46214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48531"
},
{
"db": "BID",
"id": "46214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48531"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46214"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"date": "2011-02-10T18:00:58.237000",
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48531"
},
{
"date": "2015-03-19T09:26:00",
"db": "BID",
"id": "46214"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001198"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-149"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001198"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-149"
}
],
"trust": 0.6
}
}
var-201510-0353
Vulnerability from variot
The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6703. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 ,and CVE-2015-6703 Is a different vulnerability.An attacker could obtain important information from process memory via a function call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the animations property. The issue lies in excess values being returned in the error message when the property is called as a function. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the implementation of the animations property of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0353",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "BID",
"id": "77067"
}
],
"trust": 1.0
},
"cve": "CVE-2015-6704",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6704",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6704",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84665",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6704",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6704",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2015-6704",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-217",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84665",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "VULHUB",
"id": "VHN-84665"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6703. This vulnerability CVE-2015-6697 , CVE-2015-6699 , CVE-2015-6700 , CVE-2015-6701 , CVE-2015-6702 ,and CVE-2015-6703 Is a different vulnerability.An attacker could obtain important information from process memory via a function call. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the animations property. The issue lies in excess values being returned in the error message when the property is called as a function. Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. \nAn attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the implementation of the animations property of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "VULHUB",
"id": "VHN-84665"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6704",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-482",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3051",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-481",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-475",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-479",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-480",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-478",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-477",
"trust": 0.3
},
{
"db": "BID",
"id": "77067",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84665",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "VULHUB",
"id": "VHN-84665"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"id": "VAR-201510-0353",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84665"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.654000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58066"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-772",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84665"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6704"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6704"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-475/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-477/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-479/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-482/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-480/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-481/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-478/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "VULHUB",
"id": "VHN-84665"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"db": "VULHUB",
"id": "VHN-84665"
},
{
"db": "BID",
"id": "77067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84665"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"date": "2015-10-14T23:59:26.520000",
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-482"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84665"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77067"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005261"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-217"
},
{
"date": "2021-09-08T17:19:31.940000",
"db": "NVD",
"id": "CVE-2015-6704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability in implementing important information from process memory in the implementation of animation properties",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005261"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-217"
}
],
"trust": 0.6
}
}
var-201102-0033
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604. Adobe Reader and Acrobat A cross-site scripting vulnerability exists. This vulnerability CVE-2011-0604 Is a different vulnerability.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Remote attackers can inject arbitrary web scripts or HTML with unknown vectors.
For more information: SA43207
SOLUTION: Updated packages are available via Red Hat Network. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA43207
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
RELEASE DATE: 2011-02-09
DISCUSS ADVISORY: http://secunia.com/advisories/43207/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43207/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43207
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) An unspecified error related to library loading can be exploited to execute arbitrary code.
2) An unspecified error can be exploited to corrupt memory.
3) An unspecified error related to file permissions in Windows-based versions can be exploited to gain escalated privileges.
4) An unspecified error may allow code execution.
5) An unspecified error when parsing images can be exploited to corrupt memory.
6) An error in AcroRd32.dll when parsing certain images can be exploited to corrupt memory.
7) An unspecified error in the Macintosh-based versions may allow code execution.
8) An unspecified error related to library loading can be exploited to execute arbitrary code.
9) An unspecified error may allow code execution.
10) A input validation error may allow code execution.
11) An input validation error can be exploited to conduct cross-site scripting attacks.
12) An unspecified error related to library loading can be exploited to execute arbitrary code.
13) An unspecified error can be exploited to corrupt memory.
14) A boundary error when decoding U3D image data in an IFF file can be exploited to cause a buffer overflow.
15) A boundary error when decoding U3D image data in a RGBA file can be exploited to cause a buffer overflow.
16) A boundary error when decoding U3D image data in a BMP file can be exploited to cause a buffer overflow.
17) A boundary error when decoding U3D image data in a PSD file can be exploited to cause a buffer overflow.
18) An input validation error when parsing fonts may allow code execution.
19) A boundary error when decoding U3D image data in a FLI file can be exploited to cause a buffer overflow.
20) An error in 2d.dll when parsing height and width values of RLE_8 compressed BMP files can be exploited to cause a heap-based buffer overflow.
21) An integer overflow in ACE.dll when parsing certain ICC data can be exploited to cause a buffer overflow.
22) A boundary error in rt3d.dll when parsing bits per pixel and number of colors if 4/8-bit RLE compressed BMP files can be exploited to cause a heap-based buffer overflow.
23) An error in the U3D implementation when handling the Parent Node count can be exploited to cause a buffer overflow.
24) A boundary error when processing JPEG files embedded in a PDF file can be exploited to corrupt heap memory.
25) An unspecified error when parsing images may allow code execution.
26) An input validation error can be exploited to conduct cross-site scripting attacks.
27) An unspecified error in the Macintosh-based versions may allow code execution.
28) A boundary error in rt3d.dll when parsing certain files can be exploited to cause a stack-based buffer overflow.
29) An integer overflow in the U3D implementation when parsing a ILBM texture file can be exploited to cause a buffer overflow.
30) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe Flash Player.
For more information: SA43267
The vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1 and prior, and 10.0 and prior.
SOLUTION: Update to version 8.2.6, 9.4.2, or 10.0.1.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: 2) Bing Liu, Fortinet's FortiGuard Labs. 6) Abdullah Ada via ZDI. 8) Haifei Li, Fortinet's FortiGuard Labs. 14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. 21) Sebastian Apelt via ZDI. 23) el via ZDI. 14) Sean Larsson, iDefense Labs. 28) An anonymous person via ZDI.
The vendor also credits: 1) Mitja Kolsek, ACROS Security. 3) Matthew Pun. 4, 5, 18) Tavis Ormandy, Google Security Team. 7) James Quirk. 9) Brett Gervasoni, Sense of Security. 10) Joe Schatz. 11, 26) Billy Rios, Google Security Team. 12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. 13) CESG. 25) Will Dormann, CERT. 27) Marc Schoenefeld, Red Hat Security Response Team.
ORIGINAL ADVISORY: Adobe (APSB11-03) http://www.adobe.com/support/security/bulletins/apsb11-03.html http://www.adobe.com/support/security/bulletins/apsb11-02.html
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-065/ http://www.zerodayinitiative.com/advisories/ZDI-11-066/ http://www.zerodayinitiative.com/advisories/ZDI-11-067/ http://www.zerodayinitiative.com/advisories/ZDI-11-068/ http://www.zerodayinitiative.com/advisories/ZDI-11-069/ http://www.zerodayinitiative.com/advisories/ZDI-11-070/ http://www.zerodayinitiative.com/advisories/ZDI-11-071/ http://www.zerodayinitiative.com/advisories/ZDI-11-072/ http://www.zerodayinitiative.com/advisories/ZDI-11-073/ http://www.zerodayinitiative.com/advisories/ZDI-11-074/ http://www.zerodayinitiative.com/advisories/ZDI-11-075/ http://www.zerodayinitiative.com/advisories/ZDI-11-077/
FortiGuard Labs: http://www.fortiguard.com/advisory/FGA-2011-06.html
iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19
Synopsis
Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.4.7 >= 9.4.7=20
Description
Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted PDF file using Adobe Reader, possibly resulting in the remote execution of arbitrary code, a Denial of Service, or other impact.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0)"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "46251"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios from the Google Security Team",
"sources": [
{
"db": "BID",
"id": "46251"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
}
],
"trust": 0.9
},
"cve": "CVE-2011-0587",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0587",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48532",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0587",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-0587",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-148",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48532",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604. Adobe Reader and Acrobat A cross-site scripting vulnerability exists. This vulnerability CVE-2011-0604 Is a different vulnerability.By any third party Web Script or HTML May be inserted. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Remote attackers can inject arbitrary web scripts or HTML with unknown vectors. \n\nFor more information:\nSA43207\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader / Acrobat Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43207\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43207/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nRELEASE DATE:\n2011-02-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43207/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43207/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Reader /\nAcrobat, which can be exploited by malicious, local users to gain\nescalated privileges and by malicious people to conduct cross-site\nscripting attacks and compromise a user\u0027s system. \n\n1) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n2) An unspecified error can be exploited to corrupt memory. \n\n3) An unspecified error related to file permissions in Windows-based\nversions can be exploited to gain escalated privileges. \n\n4) An unspecified error may allow code execution. \n\n5) An unspecified error when parsing images can be exploited to\ncorrupt memory. \n\n6) An error in AcroRd32.dll when parsing certain images can be\nexploited to corrupt memory. \n\n7) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n8) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n9) An unspecified error may allow code execution. \n\n10) A input validation error may allow code execution. \n\n11) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n12) An unspecified error related to library loading can be exploited\nto execute arbitrary code. \n\n13) An unspecified error can be exploited to corrupt memory. \n\n14) A boundary error when decoding U3D image data in an IFF file can\nbe exploited to cause a buffer overflow. \n\n15) A boundary error when decoding U3D image data in a RGBA file can\nbe exploited to cause a buffer overflow. \n\n16) A boundary error when decoding U3D image data in a BMP file can\nbe exploited to cause a buffer overflow. \n\n17) A boundary error when decoding U3D image data in a PSD file can\nbe exploited to cause a buffer overflow. \n\n18) An input validation error when parsing fonts may allow code\nexecution. \n\n19) A boundary error when decoding U3D image data in a FLI file can\nbe exploited to cause a buffer overflow. \n\n20) An error in 2d.dll when parsing height and width values of RLE_8\ncompressed BMP files can be exploited to cause a heap-based buffer\noverflow. \n\n21) An integer overflow in ACE.dll when parsing certain ICC data can\nbe exploited to cause a buffer overflow. \n\n22) A boundary error in rt3d.dll when parsing bits per pixel and\nnumber of colors if 4/8-bit RLE compressed BMP files can be exploited\nto cause a heap-based buffer overflow. \n\n23) An error in the U3D implementation when handling the Parent Node\ncount can be exploited to cause a buffer overflow. \n\n24) A boundary error when processing JPEG files embedded in a PDF\nfile can be exploited to corrupt heap memory. \n\n25) An unspecified error when parsing images may allow code\nexecution. \n\n26) An input validation error can be exploited to conduct cross-site\nscripting attacks. \n\n27) An unspecified error in the Macintosh-based versions may allow\ncode execution. \n\n28) A boundary error in rt3d.dll when parsing certain files can be\nexploited to cause a stack-based buffer overflow. \n\n29) An integer overflow in the U3D implementation when parsing a ILBM\ntexture file can be exploited to cause a buffer overflow. \n\n30) Some vulnerabilities are caused due to vulnerabilities in the\nbundled version of Adobe Flash Player. \n\nFor more information:\nSA43267\n\nThe vulnerabilities are reported in versions 8.2.5 and prior, 9.4.1\nand prior, and 10.0 and prior. \n\nSOLUTION:\nUpdate to version 8.2.6, 9.4.2, or 10.0.1. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\n2) Bing Liu, Fortinet\u0027s FortiGuard Labs. \n6) Abdullah Ada via ZDI. \n8) Haifei Li, Fortinet\u0027s FortiGuard Labs. \n14 - 17, 19, 20, 22, 29) Peter Vreugdenhil via ZDI. \n21) Sebastian Apelt via ZDI. \n23) el via ZDI. \n14) Sean Larsson, iDefense Labs. \n28) An anonymous person via ZDI. \n\nThe vendor also credits:\n1) Mitja Kolsek, ACROS Security. \n3) Matthew Pun. \n4, 5, 18) Tavis Ormandy, Google Security Team. \n7) James Quirk. \n9) Brett Gervasoni, Sense of Security. \n10) Joe Schatz. \n11, 26) Billy Rios, Google Security Team. \n12) Greg MacManus, iSIGHT Partners Labs and Parvez Anwar. \n13) CESG. \n25) Will Dormann, CERT. \n27) Marc Schoenefeld, Red Hat Security Response Team. \n\nORIGINAL ADVISORY:\nAdobe (APSB11-03)\nhttp://www.adobe.com/support/security/bulletins/apsb11-03.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-065/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-066/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-067/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-068/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-069/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-070/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-071/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-072/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-073/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-074/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-075/\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-077/\n\nFortiGuard Labs:\nhttp://www.fortiguard.com/advisory/FGA-2011-06.html\n\niDefense:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: January 30, 2012\n Bugs: #354211, #382969, #393481\n ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-text/acroread \u003c 9.4.7 \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted PDF\nfile using Adobe Reader, possibly resulting in the remote execution of\narbitrary code, a Denial of Service, or other impact. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0587"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "BID",
"id": "46251"
},
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0587",
"trust": 2.9
},
{
"db": "BID",
"id": "46251",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "43470",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43207",
"trust": 1.0
},
{
"db": "XF",
"id": "65292",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-48532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99246",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-074",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-071",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-070",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-066",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-067",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-077",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-073",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-072",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-065",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-068",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-075",
"trust": 0.1
},
{
"db": "ZDI",
"id": "ZDI-11-069",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98320",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "BID",
"id": "46251"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"id": "VAR-201102-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48532"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:27:39.744000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2011:0301",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0301.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/46251"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12217"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0301.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43470"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0492"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65292"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0587"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65292"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2011/at110004.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0587"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/43207"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43470/#comments"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0301.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43470"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-066/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-068/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/#comments"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-065/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43207"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-072/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-073/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-069/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-075/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-070/"
},
{
"trust": 0.1,
"url": "http://www.fortiguard.com/advisory/fga-2011-06.html"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-077/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43207/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-067/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=891"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-071/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-074/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "BID",
"id": "46251"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48532"
},
{
"db": "BID",
"id": "46251"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48532"
},
{
"date": "2011-02-08T00:00:00",
"db": "BID",
"id": "46251"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"date": "2011-03-14T11:37:12",
"db": "PACKETSTORM",
"id": "99246"
},
{
"date": "2011-02-09T03:30:01",
"db": "PACKETSTORM",
"id": "98320"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"date": "2011-02-10T18:00:58.287000",
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-48532"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "46251"
},
{
"date": "2011-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001199"
},
{
"date": "2011-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-148"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2011-0587"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001199"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "99246"
},
{
"db": "PACKETSTORM",
"id": "98320"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-148"
}
],
"trust": 0.8
}
}
var-201510-0334
Vulnerability from variot
The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the DynamicAnnotStore method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6717",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6717",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6717",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84678",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6717",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6717",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6717",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-230",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84678",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6717",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the DynamicAnnotStore method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the DynamicAnnotStore method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6717"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "VULMON",
"id": "CVE-2015-6717"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6717",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-15-499",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3083",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84678",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6717",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"id": "VAR-201510-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84678"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.522000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58079"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-499"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6717"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6717"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/77074"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41495"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"db": "VULHUB",
"id": "VHN-84678"
},
{
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84678"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"date": "2015-10-14T23:59:38.773000",
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-499"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-84678"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6717"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005274"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-230"
},
{
"date": "2021-09-08T17:19:32.263000",
"db": "NVD",
"id": "CVE-2015-6717"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of DynamicAnnotStore In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005274"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-230"
}
],
"trust": 0.6
}
}
var-201501-0409
Vulnerability from variot
CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0409",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-9161",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-77106",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9161",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9161",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-754",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-77106",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-9161",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9161"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "VULMON",
"id": "CVE-2014-9161"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9161",
"trust": 2.9
},
{
"db": "BID",
"id": "74600",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.2
},
{
"db": "PACKETSTORM",
"id": "134394",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-77106",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-9161",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"id": "VAR-201501-0409",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77106"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:03.315000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acrobat XI Pro",
"trust": 0.8,
"url": "https://www.adobe.com/jp/products/acrobatpro.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://code.google.com/p/google-security-research/issues/detail?id=149"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.2,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.2,
"url": "http://packetstormsecurity.com/files/134394/adobe-reader-x-xi-out-of-bounds-read.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9161"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9161"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77106"
},
{
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-77106"
},
{
"date": "2015-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"date": "2015-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"date": "2015-01-30T11:59:50.610000",
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-77106"
},
{
"date": "2017-01-03T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9161"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007815"
},
{
"date": "2015-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-754"
},
{
"date": "2017-01-03T02:59:22.860000",
"db": "NVD",
"id": "CVE-2014-9161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007815"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-754"
}
],
"trust": 0.6
}
}
var-201309-0155
Vulnerability from variot
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3355. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Note: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 2.2,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.04)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.8)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "x10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "x11.0.3"
},
{
"model": "reader xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat xi",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "62432"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team",
"sources": [
{
"db": "BID",
"id": "62432"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3354",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-3354",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-63356",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3354",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-3354",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-149",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-63356",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63356"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3355. Adobe Acrobat and Reader are prone to an unspecified memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nNote: This issue is previously discussed in BID 62293 (Adobe Acrobat and Reader APSB13-22 Multiple Remote Code Execution Vulnerabilities), but has been moved to its own record for better documentation. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "BID",
"id": "62432"
},
{
"db": "VULHUB",
"id": "VHN-63356"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3354",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149",
"trust": 0.7
},
{
"db": "BID",
"id": "62432",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63356",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63356"
},
{
"db": "BID",
"id": "62432"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"id": "VAR-201309-0155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63356"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:40:25.412000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB13-22",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"title": "APSB13-22 (cq09051858)",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/acrobat/kb/cq09051858.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20130912.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63356"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.adobe.com/support/security/bulletins/apsb13-22.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18948"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3354"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20130911-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2013/at130039.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3354"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=12255"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63356"
},
{
"db": "BID",
"id": "62432"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63356"
},
{
"db": "BID",
"id": "62432"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-63356"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62432"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"date": "2013-09-12T13:28:24.503000",
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-63356"
},
{
"date": "2013-09-10T00:00:00",
"db": "BID",
"id": "62432"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004079"
},
{
"date": "2013-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-149"
},
{
"date": "2017-09-19T01:36:40.560000",
"db": "NVD",
"id": "CVE-2013-3354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004079"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-149"
}
],
"trust": 0.6
}
}
var-201004-0126
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. Attackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application.
I. These vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x versions, and 8.2.1 and earlier versions.
An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website.
II.
III. For a fresh installation, first install Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
- Open the Edit menu.
- Choose the Preferences option.
- Choose the Internet section.
- Uncheck the "Display PDF in browser" checkbox.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. Please send email to cert@cert.org with "TA10-103C Feedback VU#352598" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
April 13, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr h8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs 8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt w8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d eXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW BQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ== =CQ6i -----END PGP SIGNATURE----- . For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0126",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.0"
}
],
"sources": [
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Microsoft Vulnerability Research (MSVR), Aki Helin of Oulu University Secure Programming Group, Microsoft Vulnerability Research Program (MSVR), Bing Liu of Fortinet\u0027s FortiGuard Labs, an anonymous researcher reported through TippingPoint\u0026a",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0197",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0197",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42802",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0197",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-0197",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42802",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204. Adobe Reader and Acrobat There is a service disruption (DoS) A vulnerability exists that could lead to a condition or arbitrary code execution. This vulnerability CVE-2010-0194 , CVE-2010-0201 and CVE-2010-0204 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or execute arbitrary code. Adobe released an advisory addressing multiple issues in Reader and Acrobat. \nAttackers can exploit these issues to steal cookie-based authentication credentials, cause a denial-of-service, or execute arbitrary code in the context of the user running an affected application. \n\n\nI. These\n vulnerabilities affect Reader and Acrobat 9.3.1 and earlier 9.x\n versions, and 8.2.1 and earlier versions. \n\n An attacker could exploit these vulnerabilities by convincing a\n user to open a specially crafted PDF file. The Adobe Reader browser\n plug-in is available for multiple web browsers and operating\n systems, which can automatically open PDF documents hosted on a\n website. \n\n\nII. \n\n\nIII. For a fresh installation, first install\n Adobe Reader 9.3.0 or 8.2.0 and then use the automatic update\n feature or install the appropriate update referenced in APSB10-09. Acrobat JavaScript can be disabled using the\n Preferences menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable\n Acrobat JavaScript). \n\n Adobe provides a framework to blacklist specific JavaScipt APIs. If\n JavaScript must be enabled, this feature may be useful when\n specific APIs are known to be vulnerable or used in attacks. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-103C Feedback VU#352598\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n April 13, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBS8TuRj6pPKYJORa3AQJfzggAj8p3s/TrJT16ceFtRzLR31QBgRq6GxYr\nh8WnsGlj2WR71XjH219XaWx9Mj3KBWVxbAsNPmK0tEir7KA+n4DwZCewTDYRqfYs\n8N7G9MOI68Z87+7zBiZAo0j5/lQuxLWyTF9PqWbX8gCWLqJWW46cEZCqg7OGRbYt\nw8coxdMXU6tM3WGoWAIKwLRtpQUdubcITPTrE7RATyLJ1422B9dkTSeSCuHHZs5d\neXSPYzTQ1EOwHpuA5/a/or2SjeRPLQcpxb/8WKelSqwW3hpK4zviEnPt4cYyeNqW\nBQY06OQMTKch/nmniuEDuiwe69m0gTw7Tw2Dm6xrg6BLBy3A6GAwkQ==\n=CQ6i\n-----END PGP SIGNATURE-----\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0197"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0197",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA10-103C",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0873",
"trust": 2.5
},
{
"db": "BID",
"id": "39329",
"trust": 2.0
},
{
"db": "USCERT",
"id": "SA10-103C",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA10-103C",
"trust": 0.6
},
{
"db": "BID",
"id": "39518",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-42802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"id": "VAR-201004-0126",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42802"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:26:43.114000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"title": "APSB10-09",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-09.html"
},
{
"title": "RHSA-2010:0349",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0349.html"
},
{
"title": "TA10-103C",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-103c.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0873"
},
{
"trust": 2.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/39329"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7298"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100009.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-103c/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-13/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0197"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-103c.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-103c.html\u003e"
},
{
"trust": 0.1,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42802"
},
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"db": "PACKETSTORM",
"id": "88345"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-42802"
},
{
"date": "2010-04-15T00:00:00",
"db": "BID",
"id": "39518"
},
{
"date": "2010-04-08T00:00:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"date": "2010-04-14T07:04:22",
"db": "PACKETSTORM",
"id": "88345"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"date": "2010-04-14T16:00:00.897000",
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-42802"
},
{
"date": "2015-03-19T08:34:00",
"db": "BID",
"id": "39518"
},
{
"date": "2010-04-16T15:53:00",
"db": "BID",
"id": "39329"
},
{
"date": "2010-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001353"
},
{
"date": "2010-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-250"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-0197"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "39518"
},
{
"db": "BID",
"id": "39329"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001353"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-250"
}
],
"trust": 0.6
}
}
var-201505-0296
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201505-0296",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.11)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.14)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "instruder of Alibaba Security Research Team, Mateusz Jurczyk of Google Project Zero, Alex Inf\u00fchr of Cure53.de, Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team, Wei Lei, as well as Wu Hongjun of Nanyang Technological Uni",
"sources": [
{
"db": "BID",
"id": "74600"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3070",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3070",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-81031",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3070",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3070",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-183",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-81031",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81031"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3076. Adobe Reader and Acrobat are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool. The following products and versions are affected: Adobe Reader 10.1.13 and earlier and 11.0.10 and earlier, Acrobat 10.1.13 and earlier and 11.0.10 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3070"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "VULHUB",
"id": "VHN-81031"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3070",
"trust": 2.8
},
{
"db": "BID",
"id": "74600",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032284",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-81031",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81031"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"id": "VAR-201505-0296",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-81031"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:34:06.897000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"title": "APSB15-10",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb15-10.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20150514.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81031"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032284"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3070"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20150513-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3070"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics?seq=16279"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://get.adobe.com/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-81031"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-81031"
},
{
"db": "BID",
"id": "74600"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-81031"
},
{
"date": "2015-05-12T00:00:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"date": "2015-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"date": "2015-05-13T11:00:04.717000",
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-05T00:00:00",
"db": "VULHUB",
"id": "VHN-81031"
},
{
"date": "2015-07-15T01:02:00",
"db": "BID",
"id": "74600"
},
{
"date": "2015-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002648"
},
{
"date": "2015-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-183"
},
{
"date": "2017-01-05T20:16:59.210000",
"db": "NVD",
"id": "CVE-2015-3070"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002648"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-183"
}
],
"trust": 0.6
}
}
var-201603-0203
Vulnerability from variot
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. DLL You may get permission through. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must open a malicious file.The specific flaw exists within the handling of DLL search paths. In specific situations an attacker can force Acrobat Pro DC to load an arbitrary DLL from specific locations. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0203",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30121 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.010.20060 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.15 (windows/macintosh)"
},
{
"model": "acrobat pro dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.010.20059"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "15.006.30119"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.14"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri and Jasiel Spelman of HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
}
],
"trust": 1.3
},
"cve": "CVE-2016-1008",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1008",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1008",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-88820",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2016-1008",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1008",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1008",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2016-1008",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-078",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88820",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1008",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. DLL You may get permission through. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must open a malicious file.The specific flaw exists within the handling of DLL search paths. In specific situations an attacker can force Acrobat Pro DC to load an arbitrary DLL from specific locations. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A security vulnerability exists in several Adobe products due to the program not properly initializing gesture properties",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "VULMON",
"id": "CVE-2016-1008"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1008",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-16-190",
"trust": 1.8
},
{
"db": "BID",
"id": "84216",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035199",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3111",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88820",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1008",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"id": "VAR-201603-0203",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88820"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:08.153000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-09",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"title": "APSB16-09",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-09.html"
},
{
"title": "Multiple Adobe Fixes for product arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60438"
},
{
"title": null,
"trust": 0.1,
"url": "https://threatpost.com/adobe-patches-reader-and-acrobat-teases-upcoming-flash-update/116662/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-09.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/84216"
},
{
"trust": 1.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-190"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035199"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1008"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1008"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"db": "VULHUB",
"id": "VHN-88820"
},
{
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-88820"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"date": "2016-03-09T11:59:38.390000",
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "ZDI",
"id": "ZDI-16-190"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88820"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1008"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001699"
},
{
"date": "2016-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-078"
},
{
"date": "2016-12-03T03:19:31.067000",
"db": "NVD",
"id": "CVE-2016-1008"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001699"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-078"
}
],
"trust": 0.6
}
}
var-201510-0363
Vulnerability from variot
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information via unspecified vectors. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Attackers can exploit this issue to disclose sensitive information or cause a denial-of-service condition. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A buffer overflow vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0363",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "BID",
"id": "77066"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jack Tang of TrendMicro",
"sources": [
{
"db": "BID",
"id": "77066"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6692",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6692",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-84653",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6692",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6692",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-205",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84653",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84653"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information via unspecified vectors. Adobe Acrobat and Reader are prone to an unspecified buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. \nAttackers can exploit this issue to disclose sensitive information or cause a denial-of-service condition. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. A buffer overflow vulnerability exists in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6692"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "BID",
"id": "77066"
},
{
"db": "VULHUB",
"id": "VHN-84653"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6692",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205",
"trust": 0.7
},
{
"db": "BID",
"id": "77066",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84653",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84653"
},
{
"db": "BID",
"id": "77066"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"id": "VAR-201510-0363",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84653"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:36.332000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58054"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84653"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6692"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6692"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84653"
},
{
"db": "BID",
"id": "77066"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84653"
},
{
"db": "BID",
"id": "77066"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84653"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77066"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"date": "2015-10-14T23:59:14.033000",
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84653"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77066"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005249"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-205"
},
{
"date": "2021-09-08T17:19:31.660000",
"db": "NVD",
"id": "CVE-2015-6692"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005249"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-205"
}
],
"trust": 0.6
}
}
var-201412-0502
Vulnerability from variot
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451. This vulnerability CVE-2014-8451 Is a different vulnerability.An attacker could obtain important information. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0502",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.06"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.02"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.07"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.01"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.03"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "11.0.04"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "*"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "windows",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.1.13)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows macintosh)"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi (11.0.10)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "BID",
"id": "71564"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lokihardt@asrt",
"sources": [
{
"db": "BID",
"id": "71564"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8448",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8448",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-76393",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8448",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8448",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76393",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76393"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451. This vulnerability CVE-2014-8451 Is a different vulnerability.An attacker could obtain important information. Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. Adobe Reader is a free PDF file reader, and Acrobat is a PDF file editing and conversion tool",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8448"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "BID",
"id": "71564"
},
{
"db": "VULHUB",
"id": "VHN-76393"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8448",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224",
"trust": 0.7
},
{
"db": "BID",
"id": "71564",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-76393",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76393"
},
{
"db": "BID",
"id": "71564"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"id": "VAR-201412-0502",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76393"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T15:24:09.027000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"title": "APSB14-28",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/reader/apsb14-28.html"
},
{
"title": "AcrobatUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52692"
},
{
"title": "AdbeRdrUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52691"
},
{
"title": "AdbeRdrUpd10113",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52690"
},
{
"title": "AcrobatUpd11010",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52693"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76393"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8448"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20141210-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2014/at140053.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8448"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15071"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/acrobat/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/reader/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76393"
},
{
"db": "BID",
"id": "71564"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76393"
},
{
"db": "BID",
"id": "71564"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-76393"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71564"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"date": "2014-12-10T21:59:20.837000",
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-76393"
},
{
"date": "2014-12-09T00:00:00",
"db": "BID",
"id": "71564"
},
{
"date": "2014-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005924"
},
{
"date": "2014-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-224"
},
{
"date": "2014-12-12T01:19:36.530000",
"db": "NVD",
"id": "CVE-2014-8448"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Unspecified JavaScript API Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005924"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-224"
}
],
"trust": 0.6
}
}
var-201510-0344
Vulnerability from variot
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the value attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-7622. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6694 , CVE-2015-7622 ,and CVE-2015-7650 Is a different vulnerability.By the attacker, value Arbitrary code execution, or the denial of service, through the clever use of attributes ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the value attribute. By setting the value attribute to a specially crafted array an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0344",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6695",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6695",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.7,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6695",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84656",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6695",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6695",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6695",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-208",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84656",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "VULHUB",
"id": "VHN-84656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the value attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-7622. This vulnerability CVE-2015-6685 , CVE-2015-6686 , CVE-2015-6693 , CVE-2015-6694 , CVE-2015-7622 ,and CVE-2015-7650 Is a different vulnerability.By the attacker, value Arbitrary code execution, or the denial of service, through the clever use of attributes ( Memory corruption ) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the value attribute. By setting the value attribute to a specially crafted array an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Adobe Acrobat and Reader are prone to multiple memory-corruption vulnerabilities. Failed exploit attempts will likely cause a denial-of-service condition. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Security flaws exist in several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6695"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "VULHUB",
"id": "VHN-84656"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6695",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-472",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3016",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-471",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-466",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-467",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-15-473",
"trust": 0.3
},
{
"db": "BID",
"id": "77069",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84656",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "VULHUB",
"id": "VHN-84656"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"id": "VAR-201510-0344",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84656"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:33:32.692000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58057"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84656"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6695"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6695"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-467/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-466/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-473/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-471/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-472/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "VULHUB",
"id": "VHN-84656"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"db": "VULHUB",
"id": "VHN-84656"
},
{
"db": "BID",
"id": "77069"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84656"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"date": "2015-10-14T23:59:16.957000",
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-472"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84656"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77069"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005252"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-208"
},
{
"date": "2021-09-08T17:19:31.730000",
"db": "NVD",
"id": "CVE-2015-6695"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005252"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-208"
}
],
"trust": 0.6
}
}
var-201006-1200
Vulnerability from variot
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201. This vulnerability CVE-2010-2168 and CVE-2010-2201 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Adobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. NOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally sign, verify, print, and collaborate on Adobe PDF files."
II.
This vulnerability is caused by a memory corruption error when processing the "newclass" operator (bytecode 0x58) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file. Binary Analysis & Proof-of-concept
In-depth binary analysis of the vulnerability and a code execution exploit are available through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/english/services/ba-index.php
V.
VI. CREDIT
This vulnerability was discovered by Nicolas Joly of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
-
VUPEN Vulnerability Notification Service (VNS) : http://www.vupen.com/english/services/vns-index.php
-
VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php
-
VUPEN Threat Protection Program for Govs (TPP) : http://www.vupen.com/english/services/tpp-index.php
-
VUPEN Web Application Security Scanner (WASS) : http://www.vupen.com/english/services/wass-index.php
VIII. REFERENCES
http://www.vupen.com/english/advisories/2010/1636 http://www.adobe.com/support/security/bulletins/apsb10-15.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285
IX. DISCLOSURE TIMELINE
2009-09-06 - Vendor notified 2009-09-06 - Vendor response 2010-03-08 - Status update received 2010-06-20 - Status update received 2010-06-29 - Coordinated public Disclosure . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-05
http://security.gentoo.org/
Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: September 07, 2010 Bugs: #297385, #306429, #313343, #322857 ID: 201009-05
Synopsis
Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code or other attacks. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.3.4"
References
[ 1 ] APSA10-01 http://www.adobe.com/support/security/advisories/apsa10-01.html [ 2 ] APSB10-02 http://www.adobe.com/support/security/bulletins/apsb10-02.html [ 3 ] APSB10-07 http://www.adobe.com/support/security/bulletins/apsb10-07.html [ 4 ] APSB10-09 http://www.adobe.com/support/security/bulletins/apsb10-09.html [ 5 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 6 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 7 ] CVE-2009-3953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953 [ 8 ] CVE-2009-4324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324 [ 9 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 10 ] CVE-2010-0188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188 [ 11 ] CVE-2010-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190 [ 12 ] CVE-2010-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191 [ 13 ] CVE-2010-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192 [ 14 ] CVE-2010-0193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193 [ 15 ] CVE-2010-0194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194 [ 16 ] CVE-2010-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195 [ 17 ] CVE-2010-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196 [ 18 ] CVE-2010-0197 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197 [ 19 ] CVE-2010-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198 [ 20 ] CVE-2010-0199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199 [ 21 ] CVE-2010-0201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201 [ 22 ] CVE-2010-0202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202 [ 23 ] CVE-2010-0203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203 [ 24 ] CVE-2010-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204 [ 25 ] CVE-2010-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241 [ 26 ] CVE-2010-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285 [ 27 ] CVE-2010-1295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295 [ 28 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 29 ] CVE-2010-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168 [ 30 ] CVE-2010-2201 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201 [ 31 ] CVE-2010-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202 [ 32 ] CVE-2010-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203 [ 33 ] CVE-2010-2204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204 [ 34 ] CVE-2010-2205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205 [ 35 ] CVE-2010-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206 [ 36 ] CVE-2010-2207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207 [ 37 ] CVE-2010-2208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208 [ 38 ] CVE-2010-2209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209 [ 39 ] CVE-2010-2210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210 [ 40 ] CVE-2010-2211 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211 [ 41 ] CVE-2010-2212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201009-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management
Free webinars
http://secunia.com/vulnerability_scanning/corporate/webinars/
TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID: SA40026
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
RELEASE DATE: 2010-06-05
DISCUSS ADVISORY: http://secunia.com/advisories/40026/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40026/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40026
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. No more information is currently available.
The vulnerability is reported in version 10.0.45.2 and prior 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris.
NOTE: The vulnerability is reportedly being actively exploited.
SOLUTION: Reportedly, the latest version 10.1 Release Candidate is not affected.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.
ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-01.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-159A
Adobe Flash, Reader, and Acrobat Vulnerability
Original release date: June 08, 2010 Last revised: -- Source: US-CERT
Systems Affected
* Adobe Flash Player 10.0.45.2 and earlier 10.x versions
* Adobe Flash Player 9.0.262 and earlier 9.x versions
* Adobe Reader 9.3.2 and earlier 9.x versions
* Adobe Acrobat 9.3.2 and earlier 9.x versions
Other Adobe products that support Flash may also be vulnerable. This
vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash.
I. It may also affect other products that independently support Flash, such as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks.
An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.
II.
III. Solution
Update
Adobe Security Advisory APSA10-01 suggests updating to the release candidate of Flash Player 10.1.
Disable Flash in your web browser
Uninstall Flash or restrict which sites are allowed to run Flash. To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.
Disable Flash in Adobe Reader and Acrobat
Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:
Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"
Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe
Reader.app/Contents/Frameworks/Adobe3D.framework"
GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"
File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.
Prevent Internet Explorer from automatically opening PDF documents
The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00
Disable the display of PDF documents in the web browser
Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.
To prevent PDF documents from automatically being opened in a web browser, do the following:
1.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.
Disable JavaScript in Adobe Reader and Acrobat
Disabling JavaScript provides some additional protection against attacks. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).
Enable DEP in Microsoft Windows
Consider enabling Data Execution Prevention (DEP) in supported versions of Windows. DEP should not be treated as a complete workaround, but it can mitigate the execution of attacker-supplied code in some cases. Microsoft has published detailed technical information about DEP in Security Research & Defense blog posts "Understanding DEP as a mitigation technology" part 1 and part 2. Use of DEP should be considered in conjunction with the application of patches or other mitigations described in this document.
Do not access PDF documents from untrusted sources
Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.
IV. References
-
Security Advisory for Flash Player, Adobe Reader and Acrobat - http://www.adobe.com/support/security/advisories/apsa10-01.html
-
Adobe Labs - Flash Player 10 pre-release - http://labs.adobe.com/technologies/flashplayer10/
-
US-CERT Vulnerability Note VU#486225 - http://www.kb.cert.org/vuls/id/486225
-
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/
-
Understanding DEP as a mitigation technology part 1 - http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx
-
Understanding DEP as a mitigation technology part 2 - http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-159A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-159A Feedback VU#486225" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 08, 2010: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W miWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw nuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm OFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u V6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA 2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg== =ZPZM -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "rhel supplementary eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "BID",
"id": "41232"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicolas Joly of VUPEN Vulnerability Research Team",
"sources": [
{
"db": "BID",
"id": "41232"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
}
],
"trust": 0.9
},
"cve": "CVE-2010-1285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-1285",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#486225",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-43890",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1285",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#486225",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1285",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-474",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43890",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an \"invalid pointer vulnerability\" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201. This vulnerability CVE-2010-2168 and CVE-2010-2201 Is a different vulnerability.An attacker could execute arbitrary code. Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. \nAdobe Reader and Acrobat versions prior to and including 9.3.2 and 8.2.2 are affected. \nNOTE: This issue was previously covered in BID 41130 (Adobe Acrobat and Reader Prior to 9.3.3 Multiple Remote Vulnerabilities) but has been given its own record to better document it. They are used to create, view, search, digitally\nsign, verify, print, and collaborate on Adobe PDF files.\"\n\n\nII. \n\nThis vulnerability is caused by a memory corruption error when processing\nthe \"newclass\" operator (bytecode 0x58) while parsing Flash content within\na PDF document, which could be exploited by attackers to execute arbitrary\ncode by tricking a user into opening a malicious PDF file. Binary Analysis \u0026 Proof-of-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a code execution exploit\nare available through the VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/english/services/ba-index.php\n\n\nV. \n\n\nVI. CREDIT\n--------------\n\nThis vulnerability was discovered by Nicolas Joly of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service (VNS) :\nhttp://www.vupen.com/english/services/vns-index.php\n\n* VUPEN Binary Analysis \u0026 Exploits Service (BAE) :\nhttp://www.vupen.com/english/services/ba-index.php\n\n* VUPEN Threat Protection Program for Govs (TPP) :\nhttp://www.vupen.com/english/services/tpp-index.php\n\n* VUPEN Web Application Security Scanner (WASS) :\nhttp://www.vupen.com/english/services/wass-index.php\n\n\nVIII. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/1636\nhttp://www.adobe.com/support/security/bulletins/apsb10-15.html\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n\n\nIX. DISCLOSURE TIMELINE\n-----------------------------\n\n2009-09-06 - Vendor notified\n2009-09-06 - Vendor response\n2010-03-08 - Status update received\n2010-06-20 - Status update received\n2010-06-29 - Coordinated public Disclosure\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201009-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Reader: Multiple vulnerabilities\n Date: September 07, 2010\n Bugs: #297385, #306429, #313343, #322857\n ID: 201009-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might result in the execution\nof arbitrary code or other attacks. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.3.4\"\n\nReferences\n==========\n\n [ 1 ] APSA10-01\n http://www.adobe.com/support/security/advisories/apsa10-01.html\n [ 2 ] APSB10-02\n http://www.adobe.com/support/security/bulletins/apsb10-02.html\n [ 3 ] APSB10-07\n http://www.adobe.com/support/security/bulletins/apsb10-07.html\n [ 4 ] APSB10-09\n http://www.adobe.com/support/security/bulletins/apsb10-09.html\n [ 5 ] APSB10-14\n http://www.adobe.com/support/security/bulletins/apsb10-14.html\n [ 6 ] APSB10-16\n http://www.adobe.com/support/security/bulletins/apsb10-16.html\n [ 7 ] CVE-2009-3953\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3953\n [ 8 ] CVE-2009-4324\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4324\n [ 9 ] CVE-2010-0186\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186\n [ 10 ] CVE-2010-0188\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0188\n [ 11 ] CVE-2010-0190\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0190\n [ 12 ] CVE-2010-0191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0191\n [ 13 ] CVE-2010-0192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0192\n [ 14 ] CVE-2010-0193\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0193\n [ 15 ] CVE-2010-0194\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0194\n [ 16 ] CVE-2010-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0195\n [ 17 ] CVE-2010-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0196\n [ 18 ] CVE-2010-0197\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0197\n [ 19 ] CVE-2010-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0198\n [ 20 ] CVE-2010-0199\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0199\n [ 21 ] CVE-2010-0201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0201\n [ 22 ] CVE-2010-0202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0202\n [ 23 ] CVE-2010-0203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0203\n [ 24 ] CVE-2010-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0204\n [ 25 ] CVE-2010-1241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1241\n [ 26 ] CVE-2010-1285\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1285\n [ 27 ] CVE-2010-1295\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1295\n [ 28 ] CVE-2010-1297\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297\n [ 29 ] CVE-2010-2168\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2168\n [ 30 ] CVE-2010-2201\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2201\n [ 31 ] CVE-2010-2202\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2202\n [ 32 ] CVE-2010-2203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2203\n [ 33 ] CVE-2010-2204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2204\n [ 34 ] CVE-2010-2205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2205\n [ 35 ] CVE-2010-2206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2206\n [ 36 ] CVE-2010-2207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2207\n [ 37 ] CVE-2010-2208\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2208\n [ 38 ] CVE-2010-2209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2209\n [ 39 ] CVE-2010-2210\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2210\n [ 40 ] CVE-2010-2211\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2211\n [ 41 ] CVE-2010-2212\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2212\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201009-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Unspecified Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA40026\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40026/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nRELEASE DATE:\n2010-06-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40026/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40026/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Flash Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error. No more\ninformation is currently available. \n\nThe vulnerability is reported in version 10.0.45.2 and prior 10.0.x\nand 9.0.x versions for Windows, Macintosh, Linux, and Solaris. \n\nNOTE: The vulnerability is reportedly being actively exploited. \n\nSOLUTION:\nReportedly, the latest version 10.1 Release Candidate is not\naffected. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nAdobe:\nhttp://www.adobe.com/support/security/advisories/apsa10-01.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-159A\n\n\nAdobe Flash, Reader, and Acrobat Vulnerability\n\n Original release date: June 08, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Adobe Flash Player 10.0.45.2 and earlier 10.x versions\n * Adobe Flash Player 9.0.262 and earlier 9.x versions\n * Adobe Reader 9.3.2 and earlier 9.x versions\n * Adobe Acrobat 9.3.2 and earlier 9.x versions\n\n Other Adobe products that support Flash may also be vulnerable. This\n vulnerability affects Flash Player, Reader, Acrobat, and possibly\n other products that support Flash. \n\n\nI. It may\n also affect other products that independently support Flash, such\n as Photoshop, Photoshop Lightroom, Freehand MX, and Fireworks. \n\n An attacker could exploit this vulnerability by convincing a user\n to open specially crafted Flash content. Flash content is commonly\n hosted on a web page, but it can also be embedded in PDF and other\n documents or provided as a stand-alone file. \n\n\nII. \n\n\nIII. Solution\n\n Update\n\n Adobe Security Advisory APSA10-01 suggests updating to the release\n candidate of Flash Player 10.1. \n\n Disable Flash in your web browser\n\n Uninstall Flash or restrict which sites are allowed to run Flash. \n To the extent possible, only run trusted Flash content on trusted\n domains. For more information, see Securing Your Web Browser. \n\n Disable Flash in Adobe Reader and Acrobat\n\n Disabling Flash in Adobe Reader will mitigate attacks that rely on\n Flash content embedded in a PDF file. Disabling 3D \u0026 Multimedia\n support does not directly address the vulnerability, but it does\n provide additional mitigation and results in a more user-friendly\n error message instead of a crash. To disable Flash and 3D \u0026\n Multimedia support in Adobe Reader 9, delete, rename, or remove\n access to these files:\n\n Microsoft Windows\n\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\authplay.dll\"\n \"%ProgramFiles%\\Adobe\\Reader 9.0\\Reader\\rt3d.dll\"\n\n Apple Mac OS X\n\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/AuthPlayLib.bundle\"\n \"/Applications/Adobe Reader 9/Adobe\n Reader.app/Contents/Frameworks/Adobe3D.framework\"\n\n\n GNU/Linux (locations may vary among distributions)\n\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so\"\n \"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so\"\n\n File locations may be different for Adobe Acrobat or other Adobe\n products that include Flash and 3D \u0026 Multimedia support. Disabling\n these plugins will reduce functionality and will not protect\n against Flash content hosted on websites. Depending on the update\n schedule for products other than Flash Player, consider leaving\n Flash and 3D \u0026 Multimedia support disabled unless they are\n absolutely required. \n\n Prevent Internet Explorer from automatically opening PDF documents\n\n The installer for Adobe Reader and Acrobat configures Internet\n Explorer to automatically open PDF files without any user\n interaction. This behavior can be reverted to a safer option that\n prompts the user by importing the following as a .REG file:\n\n Windows Registry Editor Version 5.00\n\n [HKEY_CLASSES_ROOT\\AcroExch.Document.7]\n \"EditFlags\"=hex:00,00,00,00\n\n Disable the display of PDF documents in the web browser\n\n Preventing PDF documents from opening inside a web browser will\n partially mitigate this vulnerability. If this workaround is\n applied, it may also mitigate future vulnerabilities. \n\n To prevent PDF documents from automatically being opened in a web\n browser, do the following:\n\n 1. \n 2. Open the Edit menu. \n 3. Choose the Preferences option. \n 4. Choose the Internet section. \n 5. Uncheck the \"Display PDF in browser\" checkbox. \n\n Disable JavaScript in Adobe Reader and Acrobat\n\n Disabling JavaScript provides some additional protection against\n attacks. Acrobat JavaScript can be disabled using the Preferences\n menu (Edit -\u003e Preferences -\u003e JavaScript; uncheck Enable Acrobat\n JavaScript). \n\n Enable DEP in Microsoft Windows\n\n Consider enabling Data Execution Prevention (DEP) in supported\n versions of Windows. DEP should not be treated as a complete\n workaround, but it can mitigate the execution of attacker-supplied\n code in some cases. Microsoft has published detailed technical\n information about DEP in Security Research \u0026 Defense blog posts\n \"Understanding DEP as a mitigation technology\" part 1 and part 2. \n Use of DEP should be considered in conjunction with the application\n of patches or other mitigations described in this document. \n\n Do not access PDF documents from untrusted sources\n\n Do not open unfamiliar or unexpected PDF documents, particularly\n those hosted on websites or delivered as email attachments. Please\n see Cyber Security Tip ST04-010. \n\n\nIV. References\n\n * Security Advisory for Flash Player, Adobe Reader and Acrobat -\n \u003chttp://www.adobe.com/support/security/advisories/apsa10-01.html\u003e\n\n * Adobe Labs - Flash Player 10 pre-release -\n \u003chttp://labs.adobe.com/technologies/flashplayer10/\u003e\n\n * US-CERT Vulnerability Note VU#486225 -\n \u003chttp://www.kb.cert.org/vuls/id/486225\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/\u003e\n\n * Understanding DEP as a mitigation technology part 1 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e\n\n * Understanding DEP as a mitigation technology part 2 -\n \u003chttp://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-159A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-159A Feedback VU#486225\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n\n June 08, 2010: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBTA65yT6pPKYJORa3AQLS9wf/fh+7IwRtBvoPgn8pYeOsVheLkbVLWC3W\nmiWUnY1acuPTwZzG5JcAldRHksFkx1j0mMEvp4PhtiTr51JFPi4XgDfrG4cEcVaw\nnuAqEV+hLAWZkMex/jWxBV+85tZqKN0kiUr3bq5DPsdkhjV7c2MFfS8BSxLXLuPm\nOFAXPT+XFldq6MJhYUOtWT1CIz6PNPfo68KmZaUThjdqkkBW3HQu90OSRf2c6M/u\nV6KBQf7QuhpPqYUqAZU6ZUNEfL/7g2BwvuPjUMlgE5N+Z8EYnhyhu0qDtZeLUcXA\n2gH31VEr79DUHJqpb9jk61bi5Dm4gjHeLHoTAwu0IrduZzXvWncfIg==\n=ZPZM\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1285"
},
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "BID",
"id": "41232"
},
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "PACKETSTORM",
"id": "91354"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/486225",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-43890",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43890"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1285",
"trust": 3.0
},
{
"db": "BID",
"id": "41232",
"trust": 2.2
},
{
"db": "VUPEN",
"id": "ADV-2010-1636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1024159",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "40026",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#486225",
"trust": 0.9
},
{
"db": "USCERT",
"id": "TA10-159A",
"trust": 0.9
},
{
"db": "USCERT",
"id": "SA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA10-162A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA10-159A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "91354",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-43890",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90322",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90516",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "BID",
"id": "41232"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "PACKETSTORM",
"id": "91354"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"id": "VAR-201006-1200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43890"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-09T22:30:20.729000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"title": "APSB10-15",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-15.html"
},
{
"title": "RHSA-2010:0503",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0503.html"
},
{
"title": "TA10-159A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-159a.html"
},
{
"title": "TA10-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-162a.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
},
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"trust": 2.0,
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/41232"
},
{
"trust": 1.8,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/512099"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6725"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1024159"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1285"
},
{
"trust": 0.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/devnet/actionscript/articles/avm2overview.pdf"
},
{
"trust": 0.8,
"url": "http://labs.adobe.com/technologies/flashplayer10/"
},
{
"trust": 0.8,
"url": "http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/connect/blogs/analysis-zero-day-exploit-adobe-flash-and-reader"
},
{
"trust": 0.8,
"url": "http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40026"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/00001962.html"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20100611-adobe.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100015.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2010/at100017.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-159a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-16"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1285"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-162a.html"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "/archive/1/512099"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/wass-index.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1285"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/ba-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/tpp-index.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/vns-index.php"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2209"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0188"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0199"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201009-05.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2205"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2211"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0199"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4324"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0202"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2210"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0197"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0188"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0198"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0191"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1241"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1295"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0192"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3953"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0203"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0190"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2207"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2168"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0201"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2201"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-09.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0186"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2212"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40026"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40026/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/advisories/apsa10-01.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/486225\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-159a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://labs.adobe.com/technologies/flashplayer10/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "BID",
"id": "41232"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "PACKETSTORM",
"id": "91354"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#486225"
},
{
"db": "VULHUB",
"id": "VHN-43890"
},
{
"db": "BID",
"id": "41232"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"db": "PACKETSTORM",
"id": "91354"
},
{
"db": "PACKETSTORM",
"id": "93607"
},
{
"db": "PACKETSTORM",
"id": "90322"
},
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43890"
},
{
"date": "2010-06-29T00:00:00",
"db": "BID",
"id": "41232"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"date": "2010-07-01T05:42:52",
"db": "PACKETSTORM",
"id": "91354"
},
{
"date": "2010-09-08T05:23:46",
"db": "PACKETSTORM",
"id": "93607"
},
{
"date": "2010-06-07T11:14:28",
"db": "PACKETSTORM",
"id": "90322"
},
{
"date": "2010-06-12T04:47:27",
"db": "PACKETSTORM",
"id": "90516"
},
{
"date": "2010-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"date": "2010-06-30T18:30:01.380000",
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-28T00:00:00",
"db": "CERT/CC",
"id": "VU#486225"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43890"
},
{
"date": "2015-03-19T08:35:00",
"db": "BID",
"id": "41232"
},
{
"date": "2010-07-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001704"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-474"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-1285"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "90516"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash ActionScript AVM2 newfunction vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#486225"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-474"
}
],
"trust": 0.6
}
}
cve-2022-28266
Vulnerability from cvelistv5
Published
2022-05-11 17:57
Modified
2024-09-17 02:12
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:57:07",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28266",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28266",
"datePublished": "2022-05-11T17:57:07.416981Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T02:12:11.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34239
Vulnerability from cvelistv5
Published
2022-07-15 15:36
Modified
2025-04-23 17:59
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:55.143581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:59:56.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:36:18.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34239",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34239",
"datePublished": "2022-07-15T15:36:18.270Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:59:56.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21036
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 04:20
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Integer Overflow Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound (CWE-190)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Integer Overflow Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21036",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Integer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound (CWE-190)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21036",
"datePublished": "2021-02-11T19:42:21.842267Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T04:20:17.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44739
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 20:02
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:27",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44739",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 3.1,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44739",
"datePublished": "2022-01-14T19:05:27.580964Z",
"dateReserved": "2021-12-08T00:00:00",
"dateUpdated": "2024-09-16T20:02:34.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39422
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
ZDI-CAN-24090: New Vulnerability Report - Use-after-free remote code execution vulnerability in Adobe Acrobat Reader DC
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:53.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:31.068Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24090: New Vulnerability Report - Use-after-free remote code execution vulnerability in Adobe Acrobat Reader DC"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39422",
"datePublished": "2024-08-14T15:07:31.068Z",
"dateReserved": "2024-06-24T20:32:06.595Z",
"dateUpdated": "2024-08-15T03:55:53.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39425
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
Security vulnerability in AdobeARMHelper
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:56.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "HIGH",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:23.644Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Security vulnerability in AdobeARMHelper"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39425",
"datePublished": "2024-08-14T15:07:23.644Z",
"dateReserved": "2024-06-24T20:32:06.595Z",
"dateUpdated": "2024-08-15T03:55:56.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27802
Vulnerability from cvelistv5
Published
2022-05-11 17:24
Modified
2024-09-16 20:58
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:24:41",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27802",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27802",
"datePublished": "2022-05-11T17:24:41.039398Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T20:58:02.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44356
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-09-11 13:46
Severity ?
EPSS score ?
Summary
ZDI-CAN-21956: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44356",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T13:46:21.309426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T13:46:42.884Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:54:30.522Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21956: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44356",
"datePublished": "2023-11-16T09:52:57.281Z",
"dateReserved": "2023-09-28T16:25:40.452Z",
"dateUpdated": "2024-09-11T13:46:42.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39850
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-16 19:42
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:15",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39850",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39850",
"datePublished": "2021-09-29T15:38:54.757062Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T19:42:00.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34220
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2024-09-17 02:16
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:40",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34220",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34220",
"datePublished": "2022-07-15T15:33:40.388709Z",
"dateReserved": "2022-06-21T00:00:00",
"dateUpdated": "2024-09-17T02:16:25.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44517
Vulnerability from cvelistv5
Published
2024-12-18 23:28
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:26:29.505695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:25.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:28:16.489Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44517",
"datePublished": "2024-12-18T23:28:16.489Z",
"dateReserved": "2022-10-31T16:22:11.210Z",
"dateUpdated": "2024-12-19T16:39:25.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28554
Vulnerability from cvelistv5
Published
2021-08-24 17:50
Modified
2024-09-16 18:14
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.001.20155",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30025",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30196",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T17:50:33",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-25T23:00:00.000Z",
"ID": "CVE-2021-28554",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.001.20155"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30025"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30196"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28554",
"datePublished": "2021-08-24T17:50:33.957091Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T18:14:41.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28562
Vulnerability from cvelistv5
Published
2021-06-28 13:45
Modified
2024-09-16 17:39
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader use-after-free could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search queries through Javascript. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T13:45:30",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader use-after-free could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28562",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader use-after-free could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search queries through Javascript. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28562",
"datePublished": "2021-06-28T13:45:30.250294Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T17:39:11.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28240
Vulnerability from cvelistv5
Published
2022-05-11 17:35
Modified
2024-09-16 21:03
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:35:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28240",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28240",
"datePublished": "2022-05-11T17:35:36.954632Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T21:03:37.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21039
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 18:34
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21039",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21039",
"datePublished": "2021-02-11T19:42:21.646506Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T18:34:15.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44371
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-12-18 18:11
Severity ?
EPSS score ?
Summary
ZDI-CAN-21998: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44371",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:10:53.784130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:11:13.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:50.364Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21998: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44371",
"datePublished": "2023-11-16T09:52:50.364Z",
"dateReserved": "2023-09-28T16:25:40.455Z",
"dateUpdated": "2024-12-18T18:11:13.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28248
Vulnerability from cvelistv5
Published
2022-05-11 17:42
Modified
2024-09-17 01:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:42:45",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28248",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28248",
"datePublished": "2022-05-11T17:42:45.690090Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:25:33.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40723
Vulnerability from cvelistv5
Published
2023-09-07 12:54
Modified
2024-08-04 02:51
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:06.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-02-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-07T12:54:31.513Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40723",
"datePublished": "2023-09-07T12:54:31.513Z",
"dateReserved": "2021-09-08T16:58:12.658Z",
"dateUpdated": "2024-08-04T02:51:06.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28238
Vulnerability from cvelistv5
Published
2022-05-11 17:33
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:33:48",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28238",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28238",
"datePublished": "2022-05-11T17:33:48.396330Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T00:31:47.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39383
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
PoC sample of unknown vulnerability detected by EXPMON system
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:52.012Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:24.407Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "PoC sample of unknown vulnerability detected by EXPMON system"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39383",
"datePublished": "2024-08-14T15:07:24.407Z",
"dateReserved": "2024-06-24T20:32:06.587Z",
"dateUpdated": "2024-08-15T03:55:52.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38238
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21243: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:37.123Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21243: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38238",
"datePublished": "2023-08-10T13:17:37.123Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2024-08-02T17:30:14.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44702
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:24",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44702",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 3.1,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44702",
"datePublished": "2022-01-14T19:05:24.866731Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-17T00:46:50.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49534
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2024-12-11 12:04
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:39:30.434733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:12:57.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-11T12:04:31.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T19:54:10.855Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49534",
"datePublished": "2024-12-10T19:54:10.855Z",
"dateReserved": "2024-10-15T15:35:47.031Z",
"dateUpdated": "2024-12-11T12:04:31.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28249
Vulnerability from cvelistv5
Published
2022-05-11 17:43
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:43:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28249",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28249",
"datePublished": "2022-05-11T17:43:36.819694Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T22:45:29.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41832
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-14 16:03
Severity ?
EPSS score ?
Summary
TALOS-2024-2002 | Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41832",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T15:51:39.327561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:55:09.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-14T16:03:28.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:32.908Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2024-2002 | Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41832",
"datePublished": "2024-08-14T15:07:32.908Z",
"dateReserved": "2024-07-22T17:16:40.932Z",
"dateUpdated": "2024-08-14T16:03:28.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45067
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "Access of Memory Location After End of Buffer (CWE-788)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:35",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45067",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45067",
"datePublished": "2022-01-14T19:05:35.776369Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-16T23:51:36.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20726
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T14:11:41.172393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:08:25.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:44.681Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20726",
"datePublished": "2024-02-15T12:18:44.681Z",
"dateReserved": "2023-12-04T16:52:22.969Z",
"dateUpdated": "2024-08-01T21:59:42.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45068
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 16:28
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:08",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45068",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45068",
"datePublished": "2022-01-14T19:05:09.071114Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-16T16:28:15.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30279
Vulnerability from cvelistv5
Published
2024-05-23 08:29
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-22887: Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T13:21:27.806213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:22.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:06.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-23T08:29:14.234Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22887: Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30279",
"datePublished": "2024-05-23T08:29:14.234Z",
"dateReserved": "2024-03-26T16:04:09.503Z",
"dateUpdated": "2024-08-02T01:32:06.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34229
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm rect Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:23.257884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:57.230Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:02.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm rect Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34229",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm rect Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34229",
"datePublished": "2022-07-15T15:35:02.693Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:57.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28243
Vulnerability from cvelistv5
Published
2022-05-11 17:38
Modified
2024-09-16 20:37
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:38:23",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28243",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28243",
"datePublished": "2022-05-11T17:38:23.258614Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T20:37:34.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20734
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T20:05:15.893127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:10:10.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:43.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:39.135Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20734",
"datePublished": "2024-02-15T12:18:39.135Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2024-08-01T21:59:43.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28239
Vulnerability from cvelistv5
Published
2022-05-11 17:34
Modified
2024-09-17 02:02
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:34:27",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28239",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28239",
"datePublished": "2022-05-11T17:34:27.817648Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T02:02:44.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34226
Vulnerability from cvelistv5
Published
2022-07-15 15:34
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:26.641201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:03.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:34:23.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34226",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34226",
"datePublished": "2022-07-15T15:34:23.667Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:03.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28252
Vulnerability from cvelistv5
Published
2022-05-11 17:45
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:45:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28252",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28252",
"datePublished": "2022-05-11T17:45:46.818881Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T00:31:21.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27163
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 13:08
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27163",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:18.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-12T13:08:24.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2134"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:09.475Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27163",
"datePublished": "2025-03-11T18:10:09.475Z",
"dateReserved": "2025-02-19T22:28:19.017Z",
"dateUpdated": "2025-03-12T13:08:24.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24427
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-16 22:25
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Codec Input Validation Vulnerability Could Lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:31:11",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Codec Input Validation Vulnerability Could Lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24427",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Codec Input Validation Vulnerability Could Lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24427",
"datePublished": "2020-11-05T19:31:11.362146Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T22:25:56.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28237
Vulnerability from cvelistv5
Published
2022-05-11 17:33
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:33:09",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28237",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28237",
"datePublished": "2022-05-11T17:33:09.328007Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:21:09.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21044
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 17:53
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21044",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21044",
"datePublished": "2021-02-11T19:42:20.548710Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T17:53:04.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34099
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:43
Severity ?
EPSS score ?
Summary
ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:07:43.573775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:08.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:43:00.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:11.648Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34099",
"datePublished": "2024-05-15T10:00:11.648Z",
"dateReserved": "2024-04-30T19:50:50.899Z",
"dateUpdated": "2024-08-02T02:43:00.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34098
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:43
Severity ?
EPSS score ?
Summary
ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:06:52.248689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:01.692Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:43:00.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:15.985Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34098",
"datePublished": "2024-05-15T10:00:15.985Z",
"dateReserved": "2024-04-30T19:50:50.899Z",
"dateUpdated": "2024-08-02T02:43:00.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24439
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-17 00:42
Severity ?
EPSS score ?
Summary
Acrobat Reader DC for macOS Signature Validation Bypass
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature (CWE-347)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-11T17:31:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC for macOS Signature Validation Bypass",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24439",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC for macOS Signature Validation Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 2.2,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Verification of Cryptographic Signature (CWE-347)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24439",
"datePublished": "2020-11-05T19:32:50.010168Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-17T00:42:15.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38437
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use After Free Memory leak
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:03:15.256564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:47:23.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use After Free Memory leak"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-38437",
"datePublished": "2022-10-14T19:45:29.847Z",
"dateReserved": "2022-08-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:47:23.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34097
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-23473: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:06:04.012121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:45.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:09.418Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23473: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34097",
"datePublished": "2024-05-15T10:00:09.418Z",
"dateReserved": "2024-04-30T19:50:50.899Z",
"dateUpdated": "2024-08-02T02:42:59.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27792
Vulnerability from cvelistv5
Published
2022-05-11 17:16
Modified
2024-09-16 23:16
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:16:11",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27792",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27792",
"datePublished": "2022-05-11T17:16:11.029286Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T23:16:54.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38246
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:39
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) stack-based stale pointer vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:12.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:49.592Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) stack-based stale pointer vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38246",
"datePublished": "2023-08-10T13:17:49.592Z",
"dateReserved": "2023-07-13T16:21:52.617Z",
"dateUpdated": "2024-08-02T17:39:12.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27799
Vulnerability from cvelistv5
Published
2022-05-11 17:21
Modified
2024-09-16 19:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:21:43",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27799",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27799",
"datePublished": "2022-05-11T17:21:43.991982Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T19:21:12.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28231
Vulnerability from cvelistv5
Published
2022-05-11 17:27
Modified
2024-09-17 01:15
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:27:27",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28231",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by an out-of-bounds read vulnerability when processing a doc object, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28231",
"datePublished": "2022-05-11T17:27:27.209419Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:15:29.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24437
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-16 18:34
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1156 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1156"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T21:06:12",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1156"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24437",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1156",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1156"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24437",
"datePublished": "2020-11-05T19:31:19.626096Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T18:34:14.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30305
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23043: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:42:23.014642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:47.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:45.105Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23043: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30305",
"datePublished": "2024-05-02T21:04:45.105Z",
"dateReserved": "2024-03-26T16:04:09.507Z",
"dateUpdated": "2024-08-02T01:32:07.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28260
Vulnerability from cvelistv5
Published
2022-05-11 17:52
Modified
2024-09-16 20:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:52:47",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28260",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28260",
"datePublished": "2022-05-11T17:52:47.714868Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T20:47:57.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28232
Vulnerability from cvelistv5
Published
2022-05-11 17:28
Modified
2024-09-16 19:42
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:28:10",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28232",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28232",
"datePublished": "2022-05-11T17:28:10.912425Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T19:42:00.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16471
Vulnerability from cvelistv5
Published
2023-09-11 13:50
Modified
2024-08-05 01:17
Severity ?
EPSS score ?
Summary
Use-After-Free in app.measureDialog - Tianfu Cup
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb19-55.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:40.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2019.021.20056",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2020-02-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:50:59.657Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-After-Free in app.measureDialog - Tianfu Cup"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2019-16471",
"datePublished": "2023-09-11T13:50:59.657Z",
"dateReserved": "2019-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:17:40.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28644
Vulnerability from cvelistv5
Published
2023-09-06 13:08
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat SpellDictionaryCreate Path Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-07-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T13:08:06.354Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat SpellDictionaryCreate Path Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28644",
"datePublished": "2023-09-06T13:08:06.354Z",
"dateReserved": "2021-03-16T17:41:28.687Z",
"dateUpdated": "2024-08-03T21:47:33.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41879
Vulnerability from cvelistv5
Published
2024-08-26 12:01
Modified
2024-08-26 15:18
Severity ?
EPSS score ?
Summary
RE: New Edge T5 MSRC Case [DCMSFT-1294]
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-41879 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "127.0.2651.105",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-26T14:00:39.957680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T15:18:22.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "127.0.2651.105",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-22T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 127.0.2651.105 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T12:01:24.403Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-41879"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "RE: New Edge T5 MSRC Case [DCMSFT-1294]"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41879",
"datePublished": "2024-08-26T12:01:24.403Z",
"dateReserved": "2024-07-22T17:16:40.945Z",
"dateUpdated": "2024-08-26T15:18:22.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21610
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:36.752880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:02.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-31T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21610",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28236
Vulnerability from cvelistv5
Published
2022-05-11 17:32
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:32:16",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28236",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28236",
"datePublished": "2022-05-11T17:32:16.805652Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:51:28.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21581
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:34
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21581",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:41:32.084609Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:34:00.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21581",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:34:00.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30311
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2025-02-13 17:47
Severity ?
EPSS score ?
Summary
TALOS-2024-1946 - Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:09:19.717940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:07.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:06.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T18:08:37.677Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1946"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2024-1946 - Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30311",
"datePublished": "2024-05-15T10:00:13.706Z",
"dateReserved": "2024-03-26T16:04:09.509Z",
"dateUpdated": "2025-02-13T17:47:48.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28640
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-17 00:15
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:03",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28640",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28640",
"datePublished": "2021-08-20T18:10:03.476680Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T00:15:47.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34221
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2024-09-16 23:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Type Confusion vulnerability could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:35",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Type Confusion vulnerability could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34221",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Type Confusion vulnerability could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34221",
"datePublished": "2022-07-15T15:33:35.271884Z",
"dateReserved": "2022-06-21T00:00:00",
"dateUpdated": "2024-09-16T23:22:03.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27160
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27160",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:11.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:11.438Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27160",
"datePublished": "2025-03-11T18:10:11.438Z",
"dateReserved": "2025-02-19T22:28:19.016Z",
"dateUpdated": "2025-03-12T04:01:11.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30280
Vulnerability from cvelistv5
Published
2024-05-23 08:29
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-22867: Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T13:35:59.914417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:22.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-23T08:29:10.857Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22867: Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30280",
"datePublished": "2024-05-23T08:29:10.857Z",
"dateReserved": "2024-03-26T16:04:09.503Z",
"dateUpdated": "2024-08-02T01:32:07.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24101
Vulnerability from cvelistv5
Published
2022-05-11 17:04
Modified
2024-09-16 22:30
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:24.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:04:27",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-24101",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24101",
"datePublished": "2022-05-11T17:04:27.495408Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-16T22:30:51.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38225
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21118: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:43.864Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21118: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38225",
"datePublished": "2023-08-10T13:17:43.864Z",
"dateReserved": "2023-07-13T16:21:52.614Z",
"dateUpdated": "2024-08-02T17:30:14.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26424
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-19833: Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:19.734480Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:06.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19833: Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26424",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:06.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21021
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 03:27
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:53:23.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21021",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21021",
"datePublished": "2021-02-11T19:42:21.354171Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T03:27:40.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35667
Vulnerability from cvelistv5
Published
2022-08-11 14:44
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35667",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:28.484600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:23.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:44:15.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35667",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35667",
"datePublished": "2022-08-11T14:44:15.237Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:23.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34219
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2024-09-17 03:48
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:52",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34219",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34219",
"datePublished": "2022-07-15T15:33:52.433943Z",
"dateReserved": "2022-06-21T00:00:00",
"dateUpdated": "2024-09-17T03:48:50.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40728
Vulnerability from cvelistv5
Published
2021-10-15 14:22
Modified
2025-04-23 19:24
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Use After Free Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-104.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:06.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:16:15.087984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:24:59.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20095",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "21.007.20096",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30015",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30202",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-15T14:22:14.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Use After Free Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-10-12T23:00:00.000Z",
"ID": "CVE-2021-40728",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Use After Free Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20095"
},
{
"version_affected": "\u003c=",
"version_value": "21.007.20096"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30015"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30202"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40728",
"datePublished": "2021-10-15T14:22:14.201Z",
"dateReserved": "2021-09-08T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:24:59.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35665
Vulnerability from cvelistv5
Published
2022-08-11 14:43
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35665",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:31.666321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:29.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:43:59.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35665",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35665",
"datePublished": "2022-08-11T14:43:59.645Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:29.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28558
Vulnerability from cvelistv5
Published
2021-09-02 16:06
Modified
2024-09-16 22:46
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader heap-based buffer overflow could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Heap-based buffer overflow vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:06:54",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader heap-based buffer overflow could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28558",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader heap-based buffer overflow could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Heap-based buffer overflow vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28558",
"datePublished": "2021-09-02T16:06:54.859950Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T22:46:50.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26406
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:06
Severity ?
EPSS score ?
Summary
ZDI-CAN-20712: Net.HTTP.request URL restriction bypass
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:53.578233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:06:19.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20712: Net.HTTP.request URL restriction bypass"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26406",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:06:19.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24103
Vulnerability from cvelistv5
Published
2022-05-11 17:07
Modified
2024-09-17 01:15
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:07:33",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-24103",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24103",
"datePublished": "2022-05-11T17:07:33.458821Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-17T01:15:42.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27786
Vulnerability from cvelistv5
Published
2022-05-11 17:11
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:11:17",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27786",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27786",
"datePublished": "2022-05-11T17:11:17.335273Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T16:38:40.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21045
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 21:07
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_2017:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_2017",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "17.011.30188",
"status": "affected",
"version": "17.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_2017:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_2017",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "17.011.30188",
"status": "affected",
"version": "17.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_2020:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_2020",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.001.30018",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_2020:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_2020",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.001.30018",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.013.20074",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.013.20074",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.013.20074",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.013.20074",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-21045",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:30:57.861562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:39:45.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation",
"x_ConverterErrors": {
"DATE_PUBLIC": {
"error": "v4 DATE_PUBLIC is invalid",
"message": "(\u0027Unknown string format:\u0027, \u0027NoneT23:00:00.000Z\u0027)"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "NoneT23:00:00.000Z",
"ID": "CVE-2021-21045",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21045",
"datePublished": "2021-02-11T19:42:20.339417Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T21:07:41.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38231
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21334: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:45.594Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21334: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38231",
"datePublished": "2023-08-10T13:17:45.594Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28638
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 16:17
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:00",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28638",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28638",
"datePublished": "2021-08-20T18:10:00.534012Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T16:17:54.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21063
Vulnerability from cvelistv5
Published
2021-02-11 20:07
Modified
2024-09-17 00:11
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T20:07:37",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21063",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21063",
"datePublished": "2021-02-11T20:07:37.958484Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T00:11:19.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34238
Vulnerability from cvelistv5
Published
2023-09-11 13:34
Modified
2025-02-27 20:56
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34238",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:49:58.199803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:56:24.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:34:43.239Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34238",
"datePublished": "2023-09-11T13:34:43.239Z",
"dateReserved": "2022-06-21T20:02:26.511Z",
"dateUpdated": "2025-02-27T20:56:24.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38234
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-21359: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:53:18.913464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:05:12.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:25.022Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21359: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38234",
"datePublished": "2023-08-10T13:17:25.022Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2025-02-27T21:05:12.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24435
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1157 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1157"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T21:06:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1157"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24435",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1157",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1157"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24435",
"datePublished": "2020-11-05T19:32:12.132223Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-17T04:04:27.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26396
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC for macOS installer (AcroRdrDC_2200220191_MUI.pkg) contains a local privilege escalation vulnerability.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:40:02.430669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:07:14.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC for macOS installer (AcroRdrDC_2200220191_MUI.pkg) contains a local privilege escalation vulnerability."
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26396",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:07:14.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24434
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Acrobat Pro DC Out-Of-Bounds Read Vulnerability Could Lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-1356/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1356/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T16:06:12",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1356/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Pro DC Out-Of-Bounds Read Vulnerability Could Lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24434",
"STATE": "PUBLIC",
"TITLE": "Acrobat Pro DC Out-Of-Bounds Read Vulnerability Could Lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1356/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1356/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24434",
"datePublished": "2020-11-05T19:32:19.894014Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T17:58:21.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29320
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-20712: Adobe Acrobat Blacklist Bypass Design flaw
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:46.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-657",
"description": "Violation of Secure Design Principles (CWE-657)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:48.806Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20712: Adobe Acrobat Blacklist Bypass Design flaw"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-29320",
"datePublished": "2023-08-10T13:17:48.806Z",
"dateReserved": "2023-04-04T20:46:42.583Z",
"dateUpdated": "2024-08-02T14:07:46.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38235
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21356: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-01T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-14T12:30:59.866Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21356: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38235",
"datePublished": "2023-08-10T13:17:35.014Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2024-08-02T17:30:14.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26408
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:06
Severity ?
EPSS score ?
Summary
ZDI-CAN-20712: AnnotsString Object prototype pollution Restrictions Bypass Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:45.429463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:06:06.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20712: AnnotsString Object prototype pollution Restrictions Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26408",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:06:06.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45062
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 03:03
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:05",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45062",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45062",
"datePublished": "2022-01-14T19:05:05.488011Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-17T03:03:13.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39849
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2024-09-16 19:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:22",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39849",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39849",
"datePublished": "2021-09-29T15:39:09.388882Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T19:31:05.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34234
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc printWithParams Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:12.640321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:50.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:12.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc printWithParams Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34234",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc printWithParams Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34234",
"datePublished": "2022-07-15T15:35:12.247Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:50.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21062
Vulnerability from cvelistv5
Published
2021-02-11 20:07
Modified
2024-09-17 03:53
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T20:07:28",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21062",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21062",
"datePublished": "2021-02-11T20:07:28.323107Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T03:53:29.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35666
Vulnerability from cvelistv5
Published
2022-08-11 14:45
Modified
2025-04-23 17:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:24.626764Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:51:56.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:45:10.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35666",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35666",
"datePublished": "2022-08-11T14:45:10.393Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:51:56.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29303
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-20970: Adobe Acrobat Reader DC AcroForm Annotation Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:45.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:44.653Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20970: Adobe Acrobat Reader DC AcroForm Annotation Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-29303",
"datePublished": "2023-08-10T13:17:44.653Z",
"dateReserved": "2023-04-04T20:46:42.578Z",
"dateUpdated": "2024-08-02T14:07:45.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34223
Vulnerability from cvelistv5
Published
2022-07-15 15:34
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm currentValueIndices Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:35.843861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:24.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:34:03.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm currentValueIndices Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34223",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm currentValueIndices Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34223",
"datePublished": "2022-07-15T15:34:03.670Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:24.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44710
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 17:54
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:39",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44710",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44710",
"datePublished": "2022-01-14T19:05:39.964717Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T17:54:43.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39836
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 17:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetIcon action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:24",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39836",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetIcon action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39836",
"datePublished": "2021-09-29T15:37:24.463271Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T17:22:58.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27800
Vulnerability from cvelistv5
Published
2022-05-11 17:22
Modified
2024-09-16 18:56
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:22:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27800",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27800",
"datePublished": "2022-05-11T17:22:46.319076Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T18:56:19.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28262
Vulnerability from cvelistv5
Published
2022-05-11 17:54
Modified
2024-09-17 01:40
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:54:07",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28262",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28262",
"datePublished": "2022-05-11T17:54:07.815850Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:40:54.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28636
Vulnerability from cvelistv5
Published
2021-08-20 18:09
Modified
2024-09-16 16:27
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Unquoted Search Path Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker with access to the victim\u0027s C:/ folder could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element (CWE-427)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:09:58",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Unquoted Search Path Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28636",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Unquoted Search Path Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker with access to the victim\u0027s C:/ folder could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element (CWE-427)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28636",
"datePublished": "2021-08-20T18:09:58.719860Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T16:27:46.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24431
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-16 17:43
Severity ?
EPSS score ?
Summary
Acrobat Reader DC for macOS Dynamic Library Injection Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization (CWE-285)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:31:34",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC for macOS Dynamic Library Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24431",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC for macOS Dynamic Library Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization (CWE-285)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24431",
"datePublished": "2020-11-05T19:31:34.380266Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T17:43:53.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28552
Vulnerability from cvelistv5
Published
2021-08-24 17:50
Modified
2024-09-16 22:56
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.001.20155",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30025",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30196",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T17:50:53",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-06-08T23:00:00.000Z",
"ID": "CVE-2021-28552",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.001.20155"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30025"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30196"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28552",
"datePublished": "2021-08-24T17:50:53.515867Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T22:56:29.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21034
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21034",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21034",
"datePublished": "2021-02-11T19:42:21.745919Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T23:51:33.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28560
Vulnerability from cvelistv5
Published
2021-09-02 16:08
Modified
2024-09-16 19:46
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader heap corruption vulnerability could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.950Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:08:03",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader heap corruption vulnerability could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28560",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader heap corruption vulnerability could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28560",
"datePublished": "2021-09-02T16:08:03.446790Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T19:46:31.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20730
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20730",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:00:48.956519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:10:43.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1906"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound (CWE-190)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:12.705Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1906"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20730",
"datePublished": "2024-02-15T12:18:43.890Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2025-02-13T17:32:36.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27162
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Access of Uninitialized Pointer (CWE-824)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:26.558Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:12.272Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Access of Uninitialized Pointer (CWE-824)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27162",
"datePublished": "2025-03-11T18:10:12.272Z",
"dateReserved": "2025-02-19T22:28:19.016Z",
"dateUpdated": "2025-03-12T04:01:26.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28643
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 22:03
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:04",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28643",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28643",
"datePublished": "2021-08-20T18:10:04.363832Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T22:03:04.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30303
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23044: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:38:36.994070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:29.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:47.349Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23044: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30303",
"datePublished": "2024-05-02T21:04:47.349Z",
"dateReserved": "2024-03-26T16:04:09.507Z",
"dateUpdated": "2024-08-02T01:32:07.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26395
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat parsing PDF Out-of-bounds Write Arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:40:05.795713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:07:20.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat parsing PDF Out-of-bounds Write Arbitrary code execution "
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26395",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:07:20.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45063
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 17:43
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:16",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45063",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45063",
"datePublished": "2022-01-14T19:05:16.567348Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-16T17:43:30.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24432
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-17 01:40
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:32:03",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24432",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24432",
"datePublished": "2020-11-05T19:32:03.521826Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-17T01:40:49.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28561
Vulnerability from cvelistv5
Published
2021-09-02 16:09
Modified
2024-09-17 04:29
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader memory corruption vulnerability could lead to remote code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:09:00",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader memory corruption vulnerability could lead to remote code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28561",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader memory corruption vulnerability could lead to remote code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28561",
"datePublished": "2021-09-02T16:09:00.089695Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T04:29:11.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39860
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2024-09-17 00:37
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Search Plugin Null Pointer Dereference
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive user memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:58",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Search Plugin Null Pointer Dereference",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39860",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Search Plugin Null Pointer Dereference"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive user memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39860",
"datePublished": "2021-09-29T15:39:28.654218Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T00:37:16.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44513
Vulnerability from cvelistv5
Published
2024-12-18 23:27
Modified
2024-12-20 17:42
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Write (CWE-787)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44513",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T16:59:49.919320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T17:42:08.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:27:46.591Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Write (CWE-787)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44513",
"datePublished": "2024-12-18T23:27:46.591Z",
"dateReserved": "2022-10-31T16:22:11.209Z",
"dateUpdated": "2024-12-20T17:42:08.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44339
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-21422: Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:48.276Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21422: Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44339",
"datePublished": "2023-11-16T09:52:48.276Z",
"dateReserved": "2023-09-28T16:25:40.450Z",
"dateUpdated": "2024-08-02T20:07:32.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28546
Vulnerability from cvelistv5
Published
2021-04-01 13:35
Modified
2024-09-16 23:10
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Missing Support for Integrity Check
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-353",
"description": "Missing Support for Integrity Check (CWE-353)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-01T13:35:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Missing Support for Integrity Check",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-28546",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Missing Support for Integrity Check"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Support for Integrity Check (CWE-353)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28546",
"datePublished": "2021-04-01T13:35:46.332288Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T23:10:26.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26425
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-19854: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:16.324575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:04:55.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19854: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26425",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:04:55.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26421
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-19832: Adobe Acrobat Reader DC Doc Object Integer Underflow Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:28.619958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:29.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Integer Underflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "Integer Underflow (Wrap or Wraparound) (CWE-191)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19832: Adobe Acrobat Reader DC Doc Object Integer Underflow Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26421",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:29.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35983
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-17 00:40
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:42.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:05",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35983",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35983",
"datePublished": "2021-08-20T18:10:05.619326Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-17T00:40:37.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27158
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 13:08
Severity ?
EPSS score ?
Summary
Acrobat Reader | Access of Uninitialized Pointer (CWE-824)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:25.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-12T13:08:23.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:15.676Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Access of Uninitialized Pointer (CWE-824)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27158",
"datePublished": "2025-03-11T18:10:15.676Z",
"dateReserved": "2025-02-19T22:28:19.015Z",
"dateUpdated": "2025-03-12T13:08:23.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44714
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 16:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click \u0027allow\u0027 on the warning message of a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-657",
"description": "Violation of Secure Design Principles (CWE-657)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:41",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44714",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click \u0027allow\u0027 on the warning message of a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 2.5,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Violation of Secure Design Principles (CWE-657)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44714",
"datePublished": "2022-01-14T19:05:41.281496Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T16:22:52.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28553
Vulnerability from cvelistv5
Published
2021-09-02 16:07
Modified
2024-09-16 18:14
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader use-after-free vulnerability could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:07:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader use-after-free vulnerability could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28553",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader use-after-free vulnerability could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28553",
"datePublished": "2021-09-02T16:07:36.430117Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T18:14:36.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44361
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-22041: Adobe Acrobat Reader DC AcroForm Doc Object Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:51.115Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22041: Adobe Acrobat Reader DC AcroForm Doc Object Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44361",
"datePublished": "2023-11-16T09:52:51.115Z",
"dateReserved": "2023-09-28T16:25:40.454Z",
"dateUpdated": "2024-08-02T20:07:32.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28551
Vulnerability from cvelistv5
Published
2021-08-24 17:51
Modified
2024-09-16 20:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC JPEG2000 Editing Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.001.20155",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30025",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30196",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T17:51:00",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC JPEG2000 Editing Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-06-08T23:00:00.000Z",
"ID": "CVE-2021-28551",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC JPEG2000 Editing Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.001.20155"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30025"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30196"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28551",
"datePublished": "2021-08-24T17:51:00.886070Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T20:31:33.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45060
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC TTF Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:19",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC TTF Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45060",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC TTF Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45060",
"datePublished": "2022-01-14T19:05:19.381359Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-17T01:35:38.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21035
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 04:05
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21035",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21035",
"datePublished": "2021-02-11T19:42:21.260313Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T04:05:05.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21088
Vulnerability from cvelistv5
Published
2023-09-06 13:08
Modified
2024-08-03 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-02-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T13:08:12.094Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21088",
"datePublished": "2023-09-06T13:08:12.094Z",
"dateReserved": "2020-12-18T22:37:17.800Z",
"dateUpdated": "2024-08-03T18:01:13.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20728
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:46:55.968878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:53.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:38.338Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20728",
"datePublished": "2024-02-15T12:18:38.338Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2024-08-01T21:59:42.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21586
Vulnerability from cvelistv5
Published
2024-12-18 23:32
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | NULL Pointer Dereference (CWE-476)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-01.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:26:26.956863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:14.090Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-01-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:32:03.651Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | NULL Pointer Dereference (CWE-476)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21586",
"datePublished": "2024-12-18T23:32:03.651Z",
"dateReserved": "2022-12-01T19:16:24.905Z",
"dateUpdated": "2024-12-19T16:39:14.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21058
Vulnerability from cvelistv5
Published
2021-02-11 20:07
Modified
2024-09-16 16:12
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T20:07:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21058",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21058",
"datePublished": "2021-02-11T20:07:13.729220Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T16:12:36.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30301
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23042: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30301",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:37:35.336836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:33.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:49.870Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23042: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30301",
"datePublished": "2024-05-02T21:04:49.870Z",
"dateReserved": "2024-03-26T16:04:09.506Z",
"dateUpdated": "2024-08-02T01:32:07.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38233
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21337: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:41.778Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21337: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38233",
"datePublished": "2023-08-10T13:17:41.778Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21086
Vulnerability from cvelistv5
Published
2021-09-02 16:00
Modified
2024-09-17 02:56
Severity ?
EPSS score ?
Summary
Adobe Reader CoolType Arbitrary Stack Manipulation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:00:33",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Reader CoolType Arbitrary Stack Manipulation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "23:00:00.000Z",
"ID": "CVE-2021-21086",
"STATE": "PUBLIC",
"TITLE": "Adobe Reader CoolType Arbitrary Stack Manipulation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21086",
"datePublished": "2021-09-02T16:00:33.986671Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T02:56:56.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28246
Vulnerability from cvelistv5
Published
2022-05-11 17:41
Modified
2024-09-16 17:08
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:41:17",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28246",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28246",
"datePublished": "2022-05-11T17:41:17.257577Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T17:08:47.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28559
Vulnerability from cvelistv5
Published
2021-09-02 16:08
Modified
2024-09-17 04:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader privacy violation vulnerability could lead to privilege escalation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Information Exposure vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to restricted data stored within global variables and objects."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "Exposure of Private Information (\u0027Privacy Violation\u0027) (CWE-359)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:08:40",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader privacy violation vulnerability could lead to privilege escalation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28559",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader privacy violation vulnerability could lead to privilege escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Information Exposure vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to restricted data stored within global variables and objects."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Private Information (\u0027Privacy Violation\u0027) (CWE-359)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28559",
"datePublished": "2021-09-02T16:08:40.051617Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T04:25:08.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-7819
Vulnerability from cvelistv5
Published
2023-09-11 13:50
Modified
2024-08-04 21:02
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb19-17.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:02:18.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2019.010.20098",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2019-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:50:54.091Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability "
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2019-7819",
"datePublished": "2023-09-11T13:50:54.091Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:02:18.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21040
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 19:35
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21040",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21040",
"datePublished": "2021-02-11T19:42:21.056142Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T19:35:12.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41831
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:56
Severity ?
EPSS score ?
Summary
ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41831",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:56:00.949Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:30.307Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41831",
"datePublished": "2024-08-14T15:07:30.307Z",
"dateReserved": "2024-07-22T17:16:40.932Z",
"dateUpdated": "2024-08-15T03:56:00.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40725
Vulnerability from cvelistv5
Published
2021-10-07 15:07
Modified
2024-09-16 20:36
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm listbox Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1250/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:06.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1250/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T11:06:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1250/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm listbox Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-40725",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm listbox Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1250/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1250/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40725",
"datePublished": "2021-10-07T15:07:09.037564Z",
"dateReserved": "2021-09-08T00:00:00",
"dateUpdated": "2024-09-16T20:36:17.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21089
Vulnerability from cvelistv5
Published
2021-09-30 14:01
Modified
2024-09-16 19:46
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-30T14:01:30",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21089",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21089",
"datePublished": "2021-09-30T14:01:30.466583Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T19:46:37.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35672
Vulnerability from cvelistv5
Published
2022-07-27 16:20
Modified
2024-09-16 16:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30314",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader version 22.001.20085 (and earlier), 20.005.30314 (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-27T16:20:50",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-35672",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30314"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader version 22.001.20085 (and earlier), 20.005.30314 (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35672",
"datePublished": "2022-07-27T16:20:50.452019Z",
"dateReserved": "2022-07-12T00:00:00",
"dateUpdated": "2024-09-16T16:22:55.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26422
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20176: Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:25.531841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:23.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20176: Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26422",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:23.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27159
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:12.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:10.399Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27159",
"datePublished": "2025-03-11T18:10:10.399Z",
"dateReserved": "2025-02-19T22:28:19.016Z",
"dateUpdated": "2025-03-12T04:01:12.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34225
Vulnerability from cvelistv5
Published
2022-07-15 15:34
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:29.882179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:10.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:34:16.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34225",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34225",
"datePublished": "2022-07-15T15:34:16.777Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:10.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38224
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-21122: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38224",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:53:17.555852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:05:07.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:25.780Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21122: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38224",
"datePublished": "2023-08-10T13:17:25.780Z",
"dateReserved": "2023-07-13T16:21:52.614Z",
"dateUpdated": "2025-02-27T21:05:07.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39855
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2024-09-16 23:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src Parameter
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:39:15",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src Parameter",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39855",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src Parameter"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39855",
"datePublished": "2021-09-29T15:39:15.710516Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T23:00:28.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20765
Vulnerability from cvelistv5
Published
2024-02-29 16:35
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
ZDI-CAN-22674: Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-16T04:00:46.714333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:26:55.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-29T16:35:04.403Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22674: Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20765",
"datePublished": "2024-02-29T16:35:04.403Z",
"dateReserved": "2023-12-04T16:52:22.979Z",
"dateUpdated": "2024-08-01T21:59:42.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21579
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:34
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Integer Overflow Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:55.412188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:34:07.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound (CWE-190)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Integer Overflow Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21579",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:34:07.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44367
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2025-01-07 18:41
Severity ?
EPSS score ?
Summary
ZDI-CAN-21929: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:33.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44367",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-16T13:58:43.489773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:41:47.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:44.714Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21929: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44367",
"datePublished": "2023-11-16T09:52:44.714Z",
"dateReserved": "2023-09-28T16:25:40.454Z",
"dateUpdated": "2025-01-07T18:41:47.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30312
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2025-02-13 17:47
Severity ?
EPSS score ?
Summary
TALOS-2024-1952 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30312",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:10:04.322642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:59.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:06.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1952"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:06:23.116Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1952"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2024-1952 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30312",
"datePublished": "2024-05-15T10:00:14.431Z",
"dateReserved": "2024-03-26T16:04:09.510Z",
"dateUpdated": "2025-02-13T17:47:49.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21057
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 02:06
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Invalid Memory Read Due To An Uninitialized Pointer
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Invalid Memory Read Due To An Uninitialized Pointer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21057",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Invalid Memory Read Due To An Uninitialized Pointer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21057",
"datePublished": "2021-02-11T19:42:20.751736Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T02:06:56.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27787
Vulnerability from cvelistv5
Published
2022-05-11 17:12
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:12:04",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27787",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27787",
"datePublished": "2022-05-11T17:12:04.905853Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T17:58:41.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49531
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2025-01-16 17:38
Severity ?
EPSS score ?
Summary
Acrobat Reader | NULL Pointer Dereference (CWE-476)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49531",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:39:31.677216Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:13:07.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T17:38:51.010Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | NULL Pointer Dereference (CWE-476)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49531",
"datePublished": "2024-12-10T19:54:09.849Z",
"dateReserved": "2024-10-15T15:35:47.030Z",
"dateUpdated": "2025-01-16T17:38:51.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44519
Vulnerability from cvelistv5
Published
2024-12-18 23:28
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:26:32.215996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:31.613Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:28:15.314Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44519",
"datePublished": "2024-12-18T23:28:15.314Z",
"dateReserved": "2022-10-31T16:22:11.210Z",
"dateUpdated": "2024-12-19T16:39:31.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39852
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-16 18:39
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:43",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39852",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39852",
"datePublished": "2021-09-29T15:38:48.464583Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T18:39:03.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34101
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:10:47.781640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:13.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:18.105Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34101",
"datePublished": "2024-05-15T10:00:18.105Z",
"dateReserved": "2024-04-30T19:50:50.900Z",
"dateUpdated": "2024-08-02T02:42:59.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39859
Vulnerability from cvelistv5
Published
2023-09-06 13:08
Modified
2024-08-04 02:20
Severity ?
EPSS score ?
Summary
Use After Free Adobe Acrobat Pro DC [HB-21-0339]
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-09-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T13:08:09.697Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use After Free Adobe Acrobat Pro DC [HB-21-0339]"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39859",
"datePublished": "2023-09-06T13:08:09.697Z",
"dateReserved": "2021-08-23T20:02:58.060Z",
"dateUpdated": "2024-08-04T02:20:33.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24091
Vulnerability from cvelistv5
Published
2022-03-18 17:59
Modified
2024-09-16 16:13
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-18T17:59:08",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2022-24091",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24091",
"datePublished": "2022-03-18T17:59:08.803761Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-16T16:13:58.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27797
Vulnerability from cvelistv5
Published
2022-05-11 17:20
Modified
2024-09-16 22:02
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:20:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27797",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27797",
"datePublished": "2022-05-11T17:20:13.978278Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T22:02:10.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38227
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21241: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:40.133Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21241: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38227",
"datePublished": "2023-08-10T13:17:40.133Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44742
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 22:09
Severity ?
EPSS score ?
Summary
Adobe Reader Out-of-bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:31",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Reader Out-of-bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44742",
"STATE": "PUBLIC",
"TITLE": "Adobe Reader Out-of-bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44742",
"datePublished": "2022-01-14T19:05:31.971317Z",
"dateReserved": "2021-12-08T00:00:00",
"dateUpdated": "2024-09-16T22:09:43.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35669
Vulnerability from cvelistv5
Published
2022-07-27 16:19
Modified
2025-04-23 17:57
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:39.418683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:57:13.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-27T16:19:06.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-35669",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35669",
"datePublished": "2022-07-27T16:19:06.796Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:57:13.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44707
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC OTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-539/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-539/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T10:06:22",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-539/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC OTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44707",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC OTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-539/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-539/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44707",
"datePublished": "2022-01-14T19:05:17.983580Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T18:29:40.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38228
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21317: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:46.431Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21317: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38228",
"datePublished": "2023-08-10T13:17:46.431Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34094
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-23474: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34094",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:04:20.234501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:53.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:07.983Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23474: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34094",
"datePublished": "2024-05-15T10:00:07.983Z",
"dateReserved": "2024-04-30T19:50:50.898Z",
"dateUpdated": "2024-08-02T02:42:59.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28255
Vulnerability from cvelistv5
Published
2022-05-11 17:48
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.887Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:48:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28255",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28255",
"datePublished": "2022-05-11T17:48:36.261104Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T17:03:44.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27793
Vulnerability from cvelistv5
Published
2022-05-11 17:17
Modified
2024-09-16 23:41
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:33:00.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:17:03",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27793",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27793",
"datePublished": "2022-05-11T17:17:03.882917Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T23:41:51.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30302
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23077: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30302",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T15:33:11.014518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:31.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:51.668Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23077: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30302",
"datePublished": "2024-05-02T21:04:51.668Z",
"dateReserved": "2024-03-26T16:04:09.506Z",
"dateUpdated": "2024-08-02T01:32:07.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39841
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 19:57
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:59",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39841",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39841",
"datePublished": "2021-09-29T15:37:59.212865Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T19:57:31.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44706
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 16:28
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Collab.registerReview Use-After-Free Remote Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Collab.registerReview Use-After-Free Remote Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44706",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Collab.registerReview Use-After-Free Remote Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44706",
"datePublished": "2022-01-14T19:05:20.970604Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T16:28:46.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39844
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-16 20:27
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader CalRGB Out-of-Bounds Read Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:38:16",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader CalRGB Out-of-Bounds Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39844",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader CalRGB Out-of-Bounds Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39844",
"datePublished": "2021-09-29T15:38:16.957788Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T20:27:35.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41830
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
Talos Security Advisory for Adobe (TALOS-2024-2009)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:59.354Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-14T16:03:25.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:25.451Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Talos Security Advisory for Adobe (TALOS-2024-2009)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41830",
"datePublished": "2024-08-14T15:07:25.451Z",
"dateReserved": "2024-07-22T17:16:40.931Z",
"dateUpdated": "2024-08-15T03:55:59.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38240
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21245: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:28.912570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:38.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:28.966Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21245: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38240",
"datePublished": "2023-08-10T13:17:28.966Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:04:38.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26418
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20311: Adobe Acrobat Reader DC AcroForm exportAsFDFStr Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:37.312232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:51.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20311: Adobe Acrobat Reader DC AcroForm exportAsFDFStr Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26418",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:51.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24433
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-16 21:57
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. Exploitation of this issue requires an attacker to socially engineer a victim, or the attacker must already have some access to the environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:32:40",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24433",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. Exploitation of this issue requires an attacker to socially engineer a victim, or the attacker must already have some access to the environment."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24433",
"datePublished": "2020-11-05T19:32:40.769026Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T21:57:31.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44704
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 02:16
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:30",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44704",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44704",
"datePublished": "2022-01-14T19:05:30.471632Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-17T02:16:53.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28263
Vulnerability from cvelistv5
Published
2022-05-11 17:54
Modified
2024-09-16 17:48
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:54:54",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28263",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28263",
"datePublished": "2022-05-11T17:54:54.942059Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T17:48:17.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39845
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-17 04:19
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Page Tree Node Recursive Stack Overflow
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-28T21:51:35",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Page Tree Node Recursive Stack Overflow",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39845",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Page Tree Node Recursive Stack Overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39845",
"datePublished": "2021-09-29T15:38:22.930184Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T04:19:49.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44359
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-12-18 18:08
Severity ?
EPSS score ?
Summary
ZDI-CAN-21936: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44359",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:07:48.528358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:08:02.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:55.230Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21936: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44359",
"datePublished": "2023-11-16T09:52:55.230Z",
"dateReserved": "2023-09-28T16:25:40.453Z",
"dateUpdated": "2024-12-18T18:08:02.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24429
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-17 01:02
Severity ?
EPSS score ?
Summary
Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature (CWE-347)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:31:44",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24429",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.7,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Verification of Cryptographic Signature (CWE-347)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24429",
"datePublished": "2020-11-05T19:31:44.277278Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-17T01:02:02.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21608
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-02-04 16:13
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21608",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T16:09:17.035410Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-21608"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T16:13:51.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21608",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-02-04T16:13:51.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44360
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-21882: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:57:49.738Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21882: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44360",
"datePublished": "2023-11-16T09:52:56.492Z",
"dateReserved": "2023-09-28T16:25:40.454Z",
"dateUpdated": "2024-08-02T20:07:32.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35987
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-17 00:15
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PDFLibTool Out-of-Bound Read
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:09",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PDFLibTool Out-of-Bound Read",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35987",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC PDFLibTool Out-of-Bound Read"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35987",
"datePublished": "2021-08-20T18:10:09.217537Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-17T00:15:46.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30284
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23466: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:02:29.215010Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:35.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:06.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:16.717Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23466: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30284",
"datePublished": "2024-05-15T10:00:16.717Z",
"dateReserved": "2024-03-26T16:04:09.504Z",
"dateUpdated": "2024-08-02T01:32:06.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41834
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-14 15:56
Severity ?
EPSS score ?
Summary
ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41834",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T15:52:50.061967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:56:20.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:27.957Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41834",
"datePublished": "2024-08-14T15:07:27.957Z",
"dateReserved": "2024-07-22T17:16:40.933Z",
"dateUpdated": "2024-08-14T15:56:20.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28564
Vulnerability from cvelistv5
Published
2021-09-02 16:09
Modified
2024-09-16 19:55
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader out-of-bounds write vulnerability could lead to arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Write vulnerability within the ImageTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:09:14",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader out-of-bounds write vulnerability could lead to arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28564",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader out-of-bounds write vulnerability could lead to arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Write vulnerability within the ImageTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28564",
"datePublished": "2021-09-02T16:09:14.082134Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T19:55:43.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39842
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-17 01:10
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC messageHandler.OnMessage Use-After-Free Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:38:04",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC messageHandler.OnMessage Use-After-Free Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39842",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC messageHandler.OnMessage Use-After-Free Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39842",
"datePublished": "2021-09-29T15:38:04.665765Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T01:10:29.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38237
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21244: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:26.474378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:28.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:30.548Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21244: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38237",
"datePublished": "2023-08-10T13:17:30.548Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:04:28.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28642
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Out-of-Bounds Write Arbitrary Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:02",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Out-of-Bounds Write Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28642",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Out-of-Bounds Write Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28642",
"datePublished": "2021-08-20T18:10:02.513316Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T04:04:27.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34232
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation print Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:08.209736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:42.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:18.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation print Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34232",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation print Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34232",
"datePublished": "2022-07-15T15:35:18.584Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:42.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44709
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 20:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Heap Overflow Vulnerability could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:10",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Heap Overflow Vulnerability could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44709",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Heap Overflow Vulnerability could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44709",
"datePublished": "2022-01-14T19:05:10.672675Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T20:47:24.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27794
Vulnerability from cvelistv5
Published
2022-05-11 17:17
Modified
2024-09-17 03:49
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:17:56",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27794",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Uninitialized Pointer (CWE-824)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27794",
"datePublished": "2022-05-11T17:17:56.608205Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T03:49:06.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44366
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-12-18 18:09
Severity ?
EPSS score ?
Summary
ZDI-CAN-21928: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44366",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:08:45.831030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:09:05.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:54.439Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21928: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44366",
"datePublished": "2023-11-16T09:52:54.439Z",
"dateReserved": "2023-09-28T16:25:40.454Z",
"dateUpdated": "2024-12-18T18:09:05.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27801
Vulnerability from cvelistv5
Published
2022-05-11 17:23
Modified
2024-09-17 03:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:23:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27801",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27801",
"datePublished": "2022-05-11T17:23:46.982154Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T03:07:48.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44705
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 20:42
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-22-540/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-540/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T10:06:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-540/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44705",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-540/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-540/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44705",
"datePublished": "2022-01-14T19:05:38.582320Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T20:42:54.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42342
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:03:45.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42342",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:03:23.554342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:47:54.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-42342",
"datePublished": "2022-10-14T19:45:28.878Z",
"dateReserved": "2022-10-03T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:47:54.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38241
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21246: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:33.348785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:59.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:26.555Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21246: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38241",
"datePublished": "2023-08-10T13:17:26.555Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:04:59.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24441
Vulnerability from cvelistv5
Published
2020-11-12 14:34
Modified
2024-09-16 20:37
Severity ?
EPSS score ?
Summary
Improper Access Control in Adobe Acrobat Reader for Android
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.6.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-12T14:34:59",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Access Control in Adobe Acrobat Reader for Android",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-10T23:00:00.000Z",
"ID": "CVE-2020-24441",
"STATE": "PUBLIC",
"TITLE": "Improper Access Control in Adobe Acrobat Reader for Android"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "20.6.2"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24441",
"datePublished": "2020-11-12T14:34:59.853436Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T20:37:42.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20729
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20729",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T04:00:32.222524Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:10:59.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:11.708Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1890"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20729",
"datePublished": "2024-02-15T12:18:35.932Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2025-02-13T17:32:35.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28251
Vulnerability from cvelistv5
Published
2022-05-11 17:45
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:45:04",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28251",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28251",
"datePublished": "2022-05-11T17:45:04.137738Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T19:05:06.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21585
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21585",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:41:28.952406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:53.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21585",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:53.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38232
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21357: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:21.597697Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:07.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:34.237Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21357: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38232",
"datePublished": "2023-08-10T13:17:34.237Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2025-02-27T21:04:07.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28259
Vulnerability from cvelistv5
Published
2022-05-11 17:51
Modified
2024-09-16 23:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:51:55",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28259",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28259",
"datePublished": "2022-05-11T17:51:55.393116Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T23:51:51.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34227
Vulnerability from cvelistv5
Published
2023-09-11 13:22
Modified
2024-08-03 09:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm value Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-07-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:22:04.204Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm value Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34227",
"datePublished": "2023-09-11T13:22:04.204Z",
"dateReserved": "2022-06-21T20:02:26.508Z",
"dateUpdated": "2024-08-03T09:07:14.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21061
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 23:56
Severity ?
EPSS score ?
Summary
Acrobat Pro DC Use-After-Free Vulnerability Could Lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Pro DC Use-After-Free Vulnerability Could Lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21061",
"STATE": "PUBLIC",
"TITLE": "Acrobat Pro DC Use-After-Free Vulnerability Could Lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21061",
"datePublished": "2021-02-11T19:42:20.443828Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T23:56:33.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28235
Vulnerability from cvelistv5
Published
2022-05-11 17:31
Modified
2024-09-16 17:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:31:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28235",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28235",
"datePublished": "2022-05-11T17:31:21.670736Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T17:22:36.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21037
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 18:48
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Path Traversal Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Path Traversal Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21037",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Path Traversal Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21037",
"datePublished": "2021-02-11T19:42:20.864858Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T18:48:46.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35678
Vulnerability from cvelistv5
Published
2022-08-11 14:44
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:30.325807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:16.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:44:26.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35678",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35678",
"datePublished": "2022-08-11T14:44:26.633Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:16.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44703
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 00:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:37",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44703",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44703",
"datePublished": "2022-01-14T19:05:37.179765Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-17T00:21:43.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24428
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-16 20:21
Severity ?
EPSS score ?
Summary
Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:31:26",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24428",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.7,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24428",
"datePublished": "2020-11-05T19:31:26.779929Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T20:21:30.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28247
Vulnerability from cvelistv5
Published
2022-05-11 17:42
Modified
2024-09-16 18:17
Severity ?
EPSS score ?
Summary
Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element (CWE-427)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:42:04",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28247",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element (CWE-427)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28247",
"datePublished": "2022-05-11T17:42:04.643883Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T18:17:53.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20736
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-29T18:43:28.267580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:26.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:37.547Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20736",
"datePublished": "2024-02-15T12:18:37.547Z",
"dateReserved": "2023-12-04T16:52:22.971Z",
"dateUpdated": "2024-08-01T21:59:42.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-22240
Vulnerability from cvelistv5
Published
2023-01-27 00:00
Modified
2025-03-05 19:27
Severity ?
EPSS score ?
Summary
ZDI-CAN-19517: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:04.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:28.512765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:27:44.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19517: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22240",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:27:44.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28244
Vulnerability from cvelistv5
Published
2022-05-11 17:39
Modified
2024-09-17 01:41
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker\u0027s server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-657",
"description": "Violation of Secure Design Principles (CWE-657)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:39:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28244",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker\u0027s server."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Violation of Secure Design Principles (CWE-657)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28244",
"datePublished": "2022-05-11T17:39:13.587890Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:41:08.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38239
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21242: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:30.357696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:45.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:28.116Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21242: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38239",
"datePublished": "2023-08-10T13:17:28.116Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:04:45.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24436
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-16 23:40
Severity ?
EPSS score ?
Summary
Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-1355/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1355/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T16:06:18",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1355/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24436",
"STATE": "PUBLIC",
"TITLE": "Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1355/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1355/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24436",
"datePublished": "2020-11-05T19:32:57.919064Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T23:40:58.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26407
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:06
Severity ?
EPSS score ?
Summary
ZDI-CAN-20712: Net.HTTP.request Arbitrary Command Execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:50.339803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:06:13.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20712: Net.HTTP.request Arbitrary Command Execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26407",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:06:13.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24104
Vulnerability from cvelistv5
Published
2022-05-11 17:08
Modified
2024-09-17 03:59
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:08:48",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-24104",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24104",
"datePublished": "2022-05-11T17:08:48.324244Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-17T03:59:02.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39854
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2024-09-17 01:12
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:29",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39854",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39854",
"datePublished": "2021-09-29T15:39:21.116592Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T01:12:16.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34230
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use After Free could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:20.414440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:36.013Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:24.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use After Free could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34230",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use After Free could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34230",
"datePublished": "2022-07-15T15:35:24.677Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:36.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-22242
Vulnerability from cvelistv5
Published
2023-01-27 00:00
Modified
2025-03-05 19:27
Severity ?
EPSS score ?
Summary
ZDI-CAN-19515: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:23.224493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:27:30.759Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19515: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22242",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:27:30.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-22241
Vulnerability from cvelistv5
Published
2023-01-27 00:00
Modified
2025-03-05 19:27
Severity ?
EPSS score ?
Summary
ZDI-CAN-19516: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:05.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:25.861297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:27:37.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-19516: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-22241",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-19T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:27:37.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27798
Vulnerability from cvelistv5
Published
2022-05-11 17:20
Modified
2024-09-16 23:20
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:20:59",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27798",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27798",
"datePublished": "2022-05-11T17:20:59.435459Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T23:20:30.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28639
Vulnerability from cvelistv5
Published
2021-08-20 18:09
Modified
2024-09-16 16:32
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC setAction Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:09:59",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC setAction Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28639",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC setAction Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28639",
"datePublished": "2021-08-20T18:09:59.619692Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T16:32:30.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16470
Vulnerability from cvelistv5
Published
2023-09-11 13:50
Modified
2024-08-05 01:17
Severity ?
EPSS score ?
Summary
CoolType.dll crash - Tianfu Cup
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb19-55.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:40.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2019.021.20056",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2019-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:50:57.732Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CoolType.dll crash - Tianfu Cup"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2019-16470",
"datePublished": "2023-09-11T13:50:57.732Z",
"dateReserved": "2019-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:17:40.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44715
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 18:23
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:26",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44715",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44715",
"datePublished": "2022-01-14T19:05:26.266847Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T18:23:36.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34217
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:38.725243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:31.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:45.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34217",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34217",
"datePublished": "2022-07-15T15:33:45.727Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:31.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28234
Vulnerability from cvelistv5
Published
2022-05-11 17:29
Modified
2024-09-17 02:56
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:29:44",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28234",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28234",
"datePublished": "2022-05-11T17:29:44.104266Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T02:56:40.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21060
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2025-04-23 19:46
Severity ?
EPSS score ?
Summary
Acrobat Pro DC Improper File Parsing Could Lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-21060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:13:53.935726Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:46:15.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:19.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Pro DC Improper File Parsing Could Lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21060",
"STATE": "PUBLIC",
"TITLE": "Acrobat Pro DC Improper File Parsing Could Lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21060",
"datePublished": "2021-02-11T19:42:19.946Z",
"dateReserved": "2020-12-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:46:15.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35671
Vulnerability from cvelistv5
Published
2022-08-11 14:44
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35671",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:25.247137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:03.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:44:54.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35671",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35671",
"datePublished": "2022-08-11T14:44:54.825Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:03.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44337
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2025-01-07 18:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-21509: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44337",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-22T05:00:22.378740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:42:27.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:43.530Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21509: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44337",
"datePublished": "2023-11-16T09:52:43.530Z",
"dateReserved": "2023-09-28T16:25:40.449Z",
"dateUpdated": "2025-01-07T18:42:27.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44340
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-11-25 21:02
Severity ?
EPSS score ?
Summary
ZDI-CAN-21424: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44340",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T21:02:06.292023Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T21:02:18.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:49:25.932Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21424: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44340",
"datePublished": "2023-11-16T09:52:53.197Z",
"dateReserved": "2023-09-28T16:25:40.450Z",
"dateUpdated": "2024-11-25T21:02:18.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28838
Vulnerability from cvelistv5
Published
2022-05-11 18:00
Modified
2024-09-16 21:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:53.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T18:00:37",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability",
"x_ConverterErrors": {
"DATE_PUBLIC": {
"error": "v4 DATE_PUBLIC is invalid",
"message": "(\u0027Unknown string format:\u0027, \u0027NoneT23:00:00.000Z\u0027)"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "NoneT23:00:00.000Z",
"ID": "CVE-2022-28838",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28838",
"datePublished": "2022-05-11T18:00:37.961597Z",
"dateReserved": "2022-04-08T00:00:00",
"dateUpdated": "2024-09-16T21:07:56.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28555
Vulnerability from cvelistv5
Published
2021-09-02 16:07
Modified
2024-09-17 04:14
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader out-of-bounds Read could lead to information disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:07:05",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader out-of-bounds Read could lead to information disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28555",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader out-of-bounds Read could lead to information disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28555",
"datePublished": "2021-09-02T16:07:05.736993Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T04:14:36.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21046
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21046",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 4,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21046",
"datePublished": "2021-02-11T19:42:20.652298Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T17:28:41.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34095
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-23475: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34095",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:05:18.235063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:16.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:12.362Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23475: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34095",
"datePublished": "2024-05-15T10:00:12.362Z",
"dateReserved": "2024-04-30T19:50:50.898Z",
"dateUpdated": "2024-08-02T02:42:59.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44338
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-12-18 18:10
Severity ?
EPSS score ?
Summary
ZDI-CAN-21493: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44338",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:10:03.607098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:10:20.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:52.451Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21493: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44338",
"datePublished": "2023-11-16T09:52:52.451Z",
"dateReserved": "2023-09-28T16:25:40.449Z",
"dateUpdated": "2024-12-18T18:10:20.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39863
Vulnerability from cvelistv5
Published
2021-09-29 15:40
Modified
2024-09-17 03:13
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:40:54",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39863",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39863",
"datePublished": "2021-09-29T15:40:54.558647Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T03:13:55.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44357
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-21930: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:55:46.621Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21930: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44357",
"datePublished": "2023-11-16T09:52:59.244Z",
"dateReserved": "2023-09-28T16:25:40.453Z",
"dateUpdated": "2024-08-02T20:07:32.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-45107
Vulnerability from cvelistv5
Published
2024-09-05 08:48
Modified
2024-09-05 12:59
Severity ?
EPSS score ?
Summary
ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45107",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T12:58:43.223043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T12:59:01.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T08:48:09.064Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-45107",
"datePublished": "2024-09-05T08:48:09.064Z",
"dateReserved": "2024-08-21T23:00:59.341Z",
"dateUpdated": "2024-09-05T12:59:01.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38449
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38449",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:03:17.987566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:47:31.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-38449",
"datePublished": "2022-10-14T19:45:29.621Z",
"dateReserved": "2022-08-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:47:31.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38242
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21387: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:27.656973Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:33.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:29.730Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21387: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38242",
"datePublished": "2023-08-10T13:17:29.730Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:04:33.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21041
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 18:18
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21041",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21041",
"datePublished": "2021-02-11T19:42:21.545775Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T18:18:49.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28634
Vulnerability from cvelistv5
Published
2021-08-20 18:09
Modified
2024-09-16 17:08
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader AcrobatUtils.scpt Extension OS Command Injection Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:09:55",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader AcrobatUtils.scpt Extension OS Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28634",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader AcrobatUtils.scpt Extension OS Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28634",
"datePublished": "2021-08-20T18:09:55.972912Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T17:08:17.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44516
Vulnerability from cvelistv5
Published
2024-12-18 23:28
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:26:34.633673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:43.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:28:07.839Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44516",
"datePublished": "2024-12-18T23:28:07.839Z",
"dateReserved": "2022-10-31T16:22:11.210Z",
"dateUpdated": "2024-12-19T16:39:43.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38223
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21063: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.096Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:38.719Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21063: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38223",
"datePublished": "2023-08-10T13:17:38.719Z",
"dateReserved": "2023-07-13T16:21:52.614Z",
"dateUpdated": "2024-08-02T17:30:14.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34100
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
Use-After-Free vulnerability in the latest Adobe Acrobat Reader DC when open malicious PDF file
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34100",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:08:30.628601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:00.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:18.857Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use-After-Free vulnerability in the latest Adobe Acrobat Reader DC when open malicious PDF file"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34100",
"datePublished": "2024-05-15T10:00:18.857Z",
"dateReserved": "2024-04-30T19:50:50.899Z",
"dateUpdated": "2024-08-02T02:42:59.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40730
Vulnerability from cvelistv5
Published
2021-10-15 14:21
Modified
2025-04-23 19:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-104.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:07.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:10:23.910385Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:25:06.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20095",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "21.007.20096",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30015",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30202",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allow a remote attacker to disclose sensitive information on affected installations of of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG2000 images."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-15T14:21:54.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-10-12T23:00:00.000Z",
"ID": "CVE-2021-40730",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20095"
},
{
"version_affected": "\u003c=",
"version_value": "21.007.20096"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30015"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30202"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allow a remote attacker to disclose sensitive information on affected installations of of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG2000 images."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40730",
"datePublished": "2021-10-15T14:21:55.008Z",
"dateReserved": "2021-09-08T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:25:06.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28631
Vulnerability from cvelistv5
Published
2021-08-24 17:51
Modified
2024-09-16 20:22
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-37.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.001.20155",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30025",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30196",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T17:51:09",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-06-08T23:00:00.000Z",
"ID": "CVE-2021-28631",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.001.20155"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30025"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30196"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28631",
"datePublished": "2021-08-24T17:51:09.799297Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T20:22:51.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39420
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-09-16 12:30
Severity ?
EPSS score ?
Summary
Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-70.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T03:55:41.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-10T16:02:47.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary code execution. This vulnerability arises when the timing of actions changes the state of a resource between the checking of a condition and the use of the resource, allowing an attacker to manipulate the resource in a harmful way. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "HIGH",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T12:30:11.437Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-70.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39420",
"datePublished": "2024-08-14T15:07:28.784Z",
"dateReserved": "2024-06-24T20:32:06.595Z",
"dateUpdated": "2024-09-16T12:30:11.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44701
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 19:36
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:11",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44701",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44701",
"datePublished": "2022-01-14T19:05:12.066561Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T19:36:19.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44708
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 23:15
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Heap Overflow could lead to Arbitrary code execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:28",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Heap Overflow could lead to Arbitrary code execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44708",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Heap Overflow could lead to Arbitrary code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44708",
"datePublished": "2022-01-14T19:05:28.892408Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T23:15:56.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27785
Vulnerability from cvelistv5
Published
2022-05-11 17:10
Modified
2024-09-16 17:14
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:10:19",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27785",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27785",
"datePublished": "2022-05-11T17:10:19.826062Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T17:14:10.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21017
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2025-02-04 21:35
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:53:23.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-21017",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T21:28:57.359205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-21017"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T21:35:15.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21017",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow (CWE-122)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21017",
"datePublished": "2021-02-11T19:42:20.225Z",
"dateReserved": "2020-12-18T00:00:00.000Z",
"dateUpdated": "2025-02-04T21:35:15.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49533
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2024-12-11 12:04
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:39:32.842453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:13:14.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-11T12:04:30.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T19:54:09.047Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49533",
"datePublished": "2024-12-10T19:54:09.047Z",
"dateReserved": "2024-10-15T15:35:47.031Z",
"dateUpdated": "2024-12-11T12:04:30.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39838
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 18:54
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetCaption action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:47",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39838",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetCaption action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39838",
"datePublished": "2021-09-29T15:37:47.094024Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T18:54:36.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44518
Vulnerability from cvelistv5
Published
2024-12-18 23:28
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:27:56.359469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:19.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:28:21.380Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44518",
"datePublished": "2024-12-18T23:28:21.380Z",
"dateReserved": "2022-10-31T16:22:11.210Z",
"dateUpdated": "2024-12-19T16:39:19.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39424
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:55.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:26.473Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39424",
"datePublished": "2024-08-14T15:07:26.473Z",
"dateReserved": "2024-06-24T20:32:06.595Z",
"dateUpdated": "2024-08-15T03:55:55.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42339
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC XFA Parsing Stack Overflow Remote Code Execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:03:45.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:04:06.986082Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:47:46.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC XFA Parsing Stack Overflow Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-42339",
"datePublished": "2022-10-14T19:45:29.127Z",
"dateReserved": "2022-10-03T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:47:46.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44711
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 16:17
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound (CWE-190)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:14",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44711",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound (CWE-190)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44711",
"datePublished": "2022-01-14T19:05:14.975906Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T16:17:46.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35691
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader NULL Pointer Dereference Application denial-of-service
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35691",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:03:21.027984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:47:38.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader NULL Pointer Dereference Application denial-of-service"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35691",
"datePublished": "2022-10-14T19:45:29.360Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:47:38.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26419
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20274: Adobe Acrobat Reader DC AcroForm removeField Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26419",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:34.072732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:43.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20274: Adobe Acrobat Reader DC AcroForm removeField Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26419",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:43.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28632
Vulnerability from cvelistv5
Published
2021-08-24 17:50
Modified
2024-09-16 20:21
Severity ?
EPSS score ?
Summary
ZDI-CAN-13471: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-37.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.001.20155",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30025",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30196",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T17:50:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-13471: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-06-08T23:00:00.000Z",
"ID": "CVE-2021-28632",
"STATE": "PUBLIC",
"TITLE": "ZDI-CAN-13471: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2021.001.20155"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30025"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30196"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-37.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28632",
"datePublished": "2021-08-24T17:50:46.923732Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T20:21:51.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28245
Vulnerability from cvelistv5
Published
2022-05-11 17:40
Modified
2024-09-17 04:08
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:40:00",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28245",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28245",
"datePublished": "2022-05-11T17:40:00.764209Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T04:08:59.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35986
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 23:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC getAnnot Type Confusion Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1145/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1145/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to read arbitrary system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T11:06:14",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1145/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC getAnnot Type Confusion Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35986",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC getAnnot Type Confusion Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to read arbitrary system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1145/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1145/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35986",
"datePublished": "2021-08-20T18:10:08.345956Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-16T23:25:45.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38236
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21247: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.345Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:36.335Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21247: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38236",
"datePublished": "2023-08-10T13:17:36.335Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2024-08-02T17:30:14.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28242
Vulnerability from cvelistv5
Published
2022-05-11 17:37
Modified
2024-09-16 18:13
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:37:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28242",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28242",
"datePublished": "2022-05-11T17:37:36.811211Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T18:13:47.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34215
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Polygon Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34215",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:42.428204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:37.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:29.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Polygon Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34215",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Polygon Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34215",
"datePublished": "2022-07-15T15:33:29.800Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:37.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34224
Vulnerability from cvelistv5
Published
2023-09-11 13:22
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm setItems Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-07-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-11T13:22:00.943Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm setItems Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34224",
"datePublished": "2023-09-11T13:22:00.943Z",
"dateReserved": "2022-06-21T20:02:26.507Z",
"dateUpdated": "2024-08-03T08:16:17.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27161
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:14.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:14.806Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27161",
"datePublished": "2025-03-11T18:10:14.806Z",
"dateReserved": "2025-02-19T22:28:19.016Z",
"dateUpdated": "2025-03-12T04:01:14.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49532
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2024-12-11 12:04
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49532",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:39:28.940652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:12:51.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-11T12:04:29.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T19:54:11.601Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49532",
"datePublished": "2024-12-10T19:54:11.601Z",
"dateReserved": "2024-10-15T15:35:47.030Z",
"dateUpdated": "2024-12-11T12:04:29.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27795
Vulnerability from cvelistv5
Published
2022-05-11 17:18
Modified
2024-09-17 00:26
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:18:48",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27795",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27795",
"datePublished": "2022-05-11T17:18:48.317132Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T00:26:59.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24092
Vulnerability from cvelistv5
Published
2022-03-18 17:59
Modified
2024-09-17 01:37
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-18T17:59:07",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2022-24092",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24092",
"datePublished": "2022-03-18T17:59:07.910459Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-17T01:37:09.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38229
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21310: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-14T12:28:48.519Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21310: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38229",
"datePublished": "2023-08-10T13:17:43.079Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-24431
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:15.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:16.624Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-24431",
"datePublished": "2025-03-11T18:10:16.624Z",
"dateReserved": "2025-01-21T17:00:45.702Z",
"dateUpdated": "2025-03-12T04:01:15.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27788
Vulnerability from cvelistv5
Published
2022-05-11 17:12
Modified
2024-09-17 02:58
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:33:00.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:12:56",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27788",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27788",
"datePublished": "2022-05-11T17:12:56.095599Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T02:58:01.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21611
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:30
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21611",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:33.939108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:30:16.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21611",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:30:16.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27164
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 13:08
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27164",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:20.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-03-12T13:08:25.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2136"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:14.018Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27164",
"datePublished": "2025-03-11T18:10:14.018Z",
"dateReserved": "2025-02-19T22:28:19.017Z",
"dateUpdated": "2025-03-12T13:08:25.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35988
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-17 00:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Out-of-Bounds Read Bug
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:11",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Out-of-Bounds Read Bug",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35988",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Out-of-Bounds Read Bug"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35988",
"datePublished": "2021-08-20T18:10:11.044635Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-17T00:25:32.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28641
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 16:49
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28641",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28641",
"datePublished": "2021-08-20T18:10:01.489422Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T16:49:06.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38245
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:39
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:11.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:37.919Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38245",
"datePublished": "2023-08-10T13:17:37.919Z",
"dateReserved": "2023-07-13T16:21:52.617Z",
"dateUpdated": "2024-08-02T17:39:11.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24438
Vulnerability from cvelistv5
Published
2020-11-05 19:32
Modified
2024-09-16 16:17
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-1357/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1357/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T16:06:16",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1357/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24438",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1357/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1357/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24438",
"datePublished": "2020-11-05T19:32:30.948147Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T16:17:57.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39861
Vulnerability from cvelistv5
Published
2021-09-29 15:40
Modified
2024-09-17 02:36
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Catalog Plugin Out-of-Bounds Read Bug
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:40:09",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Catalog Plugin Out-of-Bounds Read Bug",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39861",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Catalog Plugin Out-of-Bounds Read Bug"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39861",
"datePublished": "2021-09-29T15:40:09.348510Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T02:36:53.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44512
Vulnerability from cvelistv5
Published
2024-12-18 23:28
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Write (CWE-787)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44512",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:27:58.961511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:37.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:28:09.769Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Write (CWE-787)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44512",
"datePublished": "2024-12-18T23:28:09.769Z",
"dateReserved": "2022-10-31T16:22:11.208Z",
"dateUpdated": "2024-12-19T16:39:37.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26369
Vulnerability from cvelistv5
Published
2023-09-13 08:17
Modified
2025-02-04 18:04
Severity ?
EPSS score ?
Summary
[Google Project Zero] Adobe Acrobat DC OOBW 0-day actively exploited in the wild
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-34.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-34.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26369",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T17:54:19.873110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-26369"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:04:19.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30514",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-09-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-13T08:17:43.954Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-34.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "[Google Project Zero] Adobe Acrobat DC OOBW 0-day actively exploited in the wild"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26369",
"datePublished": "2023-09-13T08:17:43.954Z",
"dateReserved": "2023-02-22T19:47:52.380Z",
"dateUpdated": "2025-02-04T18:04:19.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44712
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 18:08
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "Access of Memory Location After End of Buffer (CWE-788)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:34",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44712",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Memory Location After End of Buffer (CWE-788)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44712",
"datePublished": "2022-01-14T19:05:34.498871Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T18:08:52.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28254
Vulnerability from cvelistv5
Published
2022-05-11 17:47
Modified
2024-09-16 19:10
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:47:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28254",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28254",
"datePublished": "2022-05-11T17:47:20.020925Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T19:10:01.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28637
Vulnerability from cvelistv5
Published
2021-08-20 18:09
Modified
2024-09-17 02:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PDFLibTool Out-of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability achieve arbitrary read / write system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:09:56",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PDFLibTool Out-of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28637",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC PDFLibTool Out-of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability achieve arbitrary read / write system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28637",
"datePublished": "2021-08-20T18:09:56.881003Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T02:31:36.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21607
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21607",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:42.648479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:14.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Improper Input Validation Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21607",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:14.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28268
Vulnerability from cvelistv5
Published
2022-05-11 17:58
Modified
2024-09-16 23:06
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:58:37",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28268",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28268",
"datePublished": "2022-05-11T17:58:37.505865Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T23:06:44.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44713
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 23:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Use After Free could lead to Application denial-of-service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:17.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:33",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Use After Free could lead to Application denial-of-service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44713",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Use After Free could lead to Application denial-of-service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44713",
"datePublished": "2022-01-14T19:05:33.279303Z",
"dateReserved": "2021-12-07T00:00:00",
"dateUpdated": "2024-09-16T23:31:42.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29299
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Untrusted Search Path Application denial-of-service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:07:44.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unrestricted, making the attack complexity high. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 4.7,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "HIGH",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path (CWE-426)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:48.014Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Untrusted Search Path Application denial-of-service"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-29299",
"datePublished": "2023-08-10T13:17:48.014Z",
"dateReserved": "2023-04-04T20:46:42.577Z",
"dateUpdated": "2024-08-02T14:07:44.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28545
Vulnerability from cvelistv5
Published
2021-04-01 13:35
Modified
2024-09-17 03:03
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Missing Support for Integrity Check
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-353",
"description": "Missing Support for Integrity Check (CWE-353)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:41:45",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Missing Support for Integrity Check",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-28545",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Missing Support for Integrity Check"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Support for Integrity Check (CWE-353)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28545",
"datePublished": "2021-04-01T13:35:24.968885Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T03:03:35.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28269
Vulnerability from cvelistv5
Published
2022-05-11 17:59
Modified
2024-09-17 02:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:59:15",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28269",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28269",
"datePublished": "2022-05-11T17:59:15.360913Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T02:21:37.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20727
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T17:07:59.351233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:48.953Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:42.282Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20727",
"datePublished": "2024-02-15T12:18:42.282Z",
"dateReserved": "2023-12-04T16:52:22.969Z",
"dateUpdated": "2024-08-01T21:59:42.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44515
Vulnerability from cvelistv5
Published
2024-12-18 23:23
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Out-of-bounds Read (CWE-125)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:26:36.942093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:49.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:23:08.432Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44515",
"datePublished": "2024-12-18T23:23:08.432Z",
"dateReserved": "2022-10-31T16:22:11.209Z",
"dateUpdated": "2024-12-19T16:39:49.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28250
Vulnerability from cvelistv5
Published
2022-05-11 17:44
Modified
2024-09-17 02:11
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:44:23",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28250",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28250",
"datePublished": "2022-05-11T17:44:24.010164Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T02:11:08.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44514
Vulnerability from cvelistv5
Published
2024-12-18 23:19
Modified
2024-12-19 16:39
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-19T16:28:02.166020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T16:39:54.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:19:57.206Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44514",
"datePublished": "2024-12-18T23:19:57.206Z",
"dateReserved": "2022-10-31T16:22:11.209Z",
"dateUpdated": "2024-12-19T16:39:54.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38226
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21240: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:47.227Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21240: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38226",
"datePublished": "2023-08-10T13:17:47.227Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2024-08-02T17:30:14.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28253
Vulnerability from cvelistv5
Published
2022-05-11 17:46
Modified
2024-09-17 03:44
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:46:32",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28253",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28253",
"datePublished": "2022-05-11T17:46:32.496975Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T03:44:25.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28635
Vulnerability from cvelistv5
Published
2021-08-20 18:09
Modified
2024-09-16 19:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:33.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:09:57",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-28635",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28635",
"datePublished": "2021-08-20T18:09:57.787673Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T19:47:28.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35981
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 17:14
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:07",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35981",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35981",
"datePublished": "2021-08-20T18:10:07.447087Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-16T17:14:27.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27791
Vulnerability from cvelistv5
Published
2022-05-11 17:15
Modified
2024-09-16 20:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:15:29",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27791",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27791",
"datePublished": "2022-05-11T17:15:29.873263Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T20:31:31.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39853
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-17 02:26
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:50",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39853",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39853",
"datePublished": "2021-09-29T15:38:27.913216Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T02:26:40.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34233
Vulnerability from cvelistv5
Published
2022-07-15 15:36
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc print Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:58.487685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:16.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:36:05.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc print Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34233",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc print Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34233",
"datePublished": "2022-07-15T15:36:05.864Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:16.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39851
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T15:25:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39851",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39851",
"datePublished": "2021-09-29T15:38:33.352199Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T00:06:08.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26397
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:07
Severity ?
EPSS score ?
Summary
[ZS-VR-22-112] Adobe Acrobat Out-of-bounds Read Memory leak
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:37:39.305795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:07:07.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "[ZS-VR-22-112] Adobe Acrobat Out-of-bounds Read Memory leak"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26397",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:07:07.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28557
Vulnerability from cvelistv5
Published
2021-09-02 16:07
Modified
2024-09-16 17:53
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader out-of-bounds read in PDFLibTool could lead to information exposure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:07:47",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader out-of-bounds read in PDFLibTool could lead to information exposure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28557",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader out-of-bounds read in PDFLibTool could lead to information exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28557",
"datePublished": "2021-09-02T16:07:47.857320Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T17:53:43.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34228
Vulnerability from cvelistv5
Published
2022-07-15 15:36
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:17.481927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:09.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:36:10.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34228",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of Uninitialized Pointer (CWE-824)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34228",
"datePublished": "2022-07-15T15:36:10.429Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:09.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28264
Vulnerability from cvelistv5
Published
2022-05-11 17:55
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:55:40",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28264",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28264",
"datePublished": "2022-05-11T17:55:40.126402Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T18:29:11.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24430
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-16 19:31
Severity ?
EPSS score ?
Summary
Acrobat Pro DC Use-After-Free vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. This vulnerability could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T19:31:52",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Pro DC Use-After-Free vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24430",
"STATE": "PUBLIC",
"TITLE": "Acrobat Pro DC Use-After-Free vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. This vulnerability could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24430",
"datePublished": "2020-11-05T19:31:52.869877Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-16T19:31:04.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27790
Vulnerability from cvelistv5
Published
2022-05-11 17:14
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:33:00.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:14:44",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27790",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27790",
"datePublished": "2022-05-11T17:14:44.242299Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T00:46:10.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21606
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21606",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:45.894552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:21.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21606",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:21.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21612
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:30
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:31.066845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:30:03.760Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation "
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21612",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:30:03.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28267
Vulnerability from cvelistv5
Published
2022-05-11 17:57
Modified
2024-09-16 18:48
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:57:49",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28267",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28267",
"datePublished": "2022-05-11T17:57:49.256949Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T18:48:54.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-45112
Vulnerability from cvelistv5
Published
2024-09-13 08:58
Modified
2024-09-13 13:42
Severity ?
EPSS score ?
Summary
Acrobat Reader | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-70.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.21005",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30159",
"status": "affected",
"version": "24.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30159",
"status": "affected",
"version": "24.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30655",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*",
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.21005",
"status": "affected",
"version": "20.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T13:33:51.760518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T13:42:56.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T08:58:58.128Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-70.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027) (CWE-843)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-45112",
"datePublished": "2024-09-13T08:58:58.128Z",
"dateReserved": "2024-08-21T23:00:59.342Z",
"dateUpdated": "2024-09-13T13:42:56.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39839
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 19:10
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm getItemAt Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:41",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm getItemAt Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39839",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm getItemAt Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39839",
"datePublished": "2021-09-29T15:37:41.809944Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T19:10:45.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-24102
Vulnerability from cvelistv5
Published
2022-05-11 17:06
Modified
2024-09-17 04:05
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:06:12",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-24102",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-24102",
"datePublished": "2022-05-11T17:06:12.292206Z",
"dateReserved": "2022-01-27T00:00:00",
"dateUpdated": "2024-09-17T04:05:10.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35980
Vulnerability from cvelistv5
Published
2023-09-06 13:08
Modified
2024-08-04 00:47
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader SpellDictionaryExport Path Traversal Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2021-07-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T13:08:07.188Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader SpellDictionaryExport Path Traversal Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35980",
"datePublished": "2023-09-06T13:08:07.188Z",
"dateReserved": "2021-06-30T18:34:04.853Z",
"dateUpdated": "2024-08-04T00:47:43.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20735
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-11T19:24:39.957891Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:09:31.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1905"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:17.052Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1905"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20735",
"datePublished": "2024-02-15T12:18:35.130Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2025-02-13T17:32:37.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21059
Vulnerability from cvelistv5
Published
2021-02-11 20:07
Modified
2024-09-16 17:09
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T20:07:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21059",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21059",
"datePublished": "2021-02-11T20:07:21.455056Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T17:09:15.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28241
Vulnerability from cvelistv5
Published
2022-05-11 17:36
Modified
2024-09-17 00:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:36:35",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28241",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28241",
"datePublished": "2022-05-11T17:36:36.007258Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T00:21:51.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21613
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:29
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:41:19.403260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:29:53.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21613",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:29:53.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39857
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2025-04-23 19:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Information Disclosure via ActiveX LoadFile
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-39857",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:10:42.853841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:25:48.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:39:03.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Information Disclosure via ActiveX LoadFile",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39857",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Information Disclosure via ActiveX LoadFile"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 3.8,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39857",
"datePublished": "2021-09-29T15:39:03.125Z",
"dateReserved": "2021-08-23T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:25:48.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28256
Vulnerability from cvelistv5
Published
2022-05-11 17:49
Modified
2024-09-16 20:13
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:49:17",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28256",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28256",
"datePublished": "2022-05-11T17:49:17.907317Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T20:13:12.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38248
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21494: Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:11.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:22.732269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:12.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:33.447Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21494: Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38248",
"datePublished": "2023-08-10T13:17:33.447Z",
"dateReserved": "2023-07-13T16:21:52.617Z",
"dateUpdated": "2025-02-27T21:04:12.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28230
Vulnerability from cvelistv5
Published
2022-05-11 17:26
Modified
2024-09-16 18:39
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:26:33",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28230",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28230",
"datePublished": "2022-05-11T17:26:33.975140Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T18:39:47.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39858
Vulnerability from cvelistv5
Published
2021-09-29 15:40
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:40:18",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39858",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39858",
"datePublished": "2021-09-29T15:40:18.020904Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T17:28:16.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34216
Vulnerability from cvelistv5
Published
2022-07-15 15:33
Modified
2024-09-17 00:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:33:10",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34216",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34216",
"datePublished": "2022-07-15T15:33:10.566859Z",
"dateReserved": "2022-06-21T00:00:00",
"dateUpdated": "2024-09-17T00:00:52.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38450
Vulnerability from cvelistv5
Published
2022-10-14 19:45
Modified
2025-04-23 16:48
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC XFA Parsing Stack Overflow Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:04:11.035404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:48:02.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30381",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.002.20212",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-46.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC XFA Parsing Stack Overflow Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-38450",
"datePublished": "2022-10-14T19:45:28.615Z",
"dateReserved": "2022-08-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:48:02.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21033
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 20:21
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21033",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21033",
"datePublished": "2021-02-11T19:42:21.453463Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T20:21:29.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34236
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:01.301272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:22.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:59.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34236",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34236",
"datePublished": "2022-07-15T15:35:59.574Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:22.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38222
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2024-08-02 17:30
Severity ?
EPSS score ?
Summary
ZDI-CAN-21103: Adobe Acrobat Reader DC AcroForm spawnPageFromTemplate Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:40.922Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21103: Adobe Acrobat Reader DC AcroForm spawnPageFromTemplate Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38222",
"datePublished": "2023-08-10T13:17:40.922Z",
"dateReserved": "2023-07-13T16:21:52.614Z",
"dateUpdated": "2024-08-02T17:30:14.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40726
Vulnerability from cvelistv5
Published
2021-10-07 15:07
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1249/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:06.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1249/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T11:06:18",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1249/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-40726",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1249/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1249/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40726",
"datePublished": "2021-10-07T15:07:03.524485Z",
"dateReserved": "2021-09-08T00:00:00",
"dateUpdated": "2024-09-17T01:35:46.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34237
Vulnerability from cvelistv5
Published
2022-07-15 15:35
Modified
2025-04-23 18:00
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:07:14.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:06:04.681192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:00:29.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:35:30.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34237",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34237",
"datePublished": "2022-07-15T15:35:30.669Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:00:29.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49535
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2025-01-23 18:03
Severity ?
EPSS score ?
Summary
Acrobat Reader | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49535",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-10T20:39:34.048115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-10T21:13:22.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) vulnerability that allows an attacker to provide malicious XML input containing a reference to an external entity, potentially leading to unauthorized read access outside the Acrobat sandbox. Exploitation of this issue requires user interaction in that a victim must process a malicious XML document."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 6.3,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 6.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) (CWE-611)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T18:03:58.087Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) (CWE-611)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49535",
"datePublished": "2024-12-10T19:54:08.271Z",
"dateReserved": "2024-10-15T15:35:47.031Z",
"dateUpdated": "2025-01-23T18:03:58.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21609
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:39.597217Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:09.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21609",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:09.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26420
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20227: Adobe Acrobat Reader DC AcroForm addField Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:31.556175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:36.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20227: Adobe Acrobat Reader DC AcroForm addField Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26420",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:36.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27796
Vulnerability from cvelistv5
Published
2022-05-11 17:19
Modified
2024-09-17 03:27
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:19:31",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27796",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27796",
"datePublished": "2022-05-11T17:19:31.046623Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-17T03:27:55.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27789
Vulnerability from cvelistv5
Published
2022-05-11 17:13
Modified
2024-09-16 22:20
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:13:59",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-27789",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-27789",
"datePublished": "2022-05-11T17:13:59.728311Z",
"dateReserved": "2022-03-23T00:00:00",
"dateUpdated": "2024-09-16T22:20:23.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39837
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm deleteItemAt action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:36",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39837",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm deleteItemAt action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39837",
"datePublished": "2021-09-29T15:37:36.433777Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T22:45:18.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21614
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:29
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21614",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:41:15.726034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:29:43.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-31T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21614",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:29:43.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41835
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-14 16:03
Severity ?
EPSS score ?
Summary
TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41835",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T15:53:03.938819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:56:29.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-14T16:03:30.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:27.209Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41835",
"datePublished": "2024-08-14T15:07:27.209Z",
"dateReserved": "2024-07-22T17:16:40.934Z",
"dateUpdated": "2024-08-14T16:03:30.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-27174
Vulnerability from cvelistv5
Published
2025-03-11 18:10
Modified
2025-03-12 04:01
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T04:01:10.179Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "25.001.20428",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-11T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T18:10:13.126Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-14.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-27174",
"datePublished": "2025-03-11T18:10:13.126Z",
"dateReserved": "2025-02-19T22:28:19.019Z",
"dateUpdated": "2025-03-12T04:01:10.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28257
Vulnerability from cvelistv5
Published
2022-05-11 17:50
Modified
2024-09-16 17:44
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:50:17",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28257",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28257",
"datePublished": "2022-05-11T17:50:17.893985Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T17:44:08.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28261
Vulnerability from cvelistv5
Published
2022-05-11 17:53
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:53:28",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28261",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28261",
"datePublished": "2022-05-11T17:53:28.084635Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:51:01.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21605
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Heap-based Buffer Overflow Arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21605",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:48.708753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:27.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Heap-based Buffer Overflow Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21605",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:27.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44348
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-21925: (bypass of VULN-24891) Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:51:26.674Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21925: (bypass of VULN-24891) Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44348",
"datePublished": "2023-11-16T09:52:58.486Z",
"dateReserved": "2023-09-28T16:25:40.451Z",
"dateUpdated": "2024-08-02T20:07:32.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20731
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThan": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T14:11:00.431310Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:51.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:13.801Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20731",
"datePublished": "2024-02-15T12:18:43.091Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2025-02-13T17:32:37.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21042
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-16 18:44
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:13.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:41:41",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21042",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21042",
"datePublished": "2021-02-11T19:42:20.114076Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-16T18:44:13.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-24426
Vulnerability from cvelistv5
Published
2020-11-05 19:31
Modified
2024-09-17 00:42
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-1354/ | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1354/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2017.011.30175",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.012.20048",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T16:06:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1354/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2020-11-03T23:00:00.000Z",
"ID": "CVE-2020-24426",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2017.011.30175"
},
{
"version_affected": "\u003c=",
"version_value": "2020.012.20048"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30005"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb20-67.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1354/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1354/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2020-24426",
"datePublished": "2020-11-05T19:31:01.324266Z",
"dateReserved": "2020-08-19T00:00:00",
"dateUpdated": "2024-09-17T00:42:40.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39426
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
ZDI-CAN-24312: Adobe Acrobat Reader DC Annotation Memory Corruption Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:58.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:32.157Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24312: Adobe Acrobat Reader DC Annotation Memory Corruption Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39426",
"datePublished": "2024-08-14T15:07:32.157Z",
"dateReserved": "2024-06-24T20:32:06.596Z",
"dateUpdated": "2024-08-15T03:55:58.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38247
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21449: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:11.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:25.170499Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:23.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:31.362Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21449: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38247",
"datePublished": "2023-08-10T13:17:31.362Z",
"dateReserved": "2023-07-13T16:21:52.617Z",
"dateUpdated": "2025-02-27T21:04:23.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35670
Vulnerability from cvelistv5
Published
2022-08-11 14:43
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Use-After-Free Memory leak
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:33.249666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:35.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:43:46.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Use-After-Free Memory leak",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35670",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Use-After-Free Memory leak"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35670",
"datePublished": "2022-08-11T14:43:46.054Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:35.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28258
Vulnerability from cvelistv5
Published
2022-05-11 17:51
Modified
2024-09-16 21:02
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:51:03",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28258",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28258",
"datePublished": "2022-05-11T17:51:03.301841Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T21:02:33.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44740
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:07",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44740",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "Low",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44740",
"datePublished": "2022-01-14T19:05:07.378348Z",
"dateReserved": "2021-12-08T00:00:00",
"dateUpdated": "2024-09-16T17:03:35.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45061
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:22",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45061",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45061",
"datePublished": "2022-01-14T19:05:22.191251Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-17T00:06:14.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20748
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T17:04:11.673967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:05:09.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1909"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:20.249Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1909"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20748",
"datePublished": "2024-02-15T12:18:39.912Z",
"dateReserved": "2023-12-04T16:52:22.975Z",
"dateUpdated": "2025-02-13T17:32:39.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20747
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:48:19.910032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-19T17:06:52.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:19.223Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1908"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20747",
"datePublished": "2024-02-15T12:18:41.494Z",
"dateReserved": "2023-12-04T16:52:22.975Z",
"dateUpdated": "2025-02-13T17:32:38.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44372
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2025-02-13 17:13
Severity ?
EPSS score ?
Summary
TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:33.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1842"
},
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44372",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-16T13:58:44.812291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T18:43:17.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-23T19:06:12.471Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1842"
},
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44372",
"datePublished": "2023-11-16T09:52:42.757Z",
"dateReserved": "2023-09-28T16:25:40.455Z",
"dateUpdated": "2025-02-13T17:13:39.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38244
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21371: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:23.980797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:18.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:32.153Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21371: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38244",
"datePublished": "2023-08-10T13:17:32.153Z",
"dateReserved": "2023-07-13T16:21:52.617Z",
"dateUpdated": "2025-02-27T21:04:18.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21028
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 03:58
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:20",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21028",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21028",
"datePublished": "2021-02-11T19:42:20.960110Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T03:58:50.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26423
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20160: Adobe Acrobat Reader DC AcroForm insertItemAt Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26423",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:22.566791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:13.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20160: Adobe Acrobat Reader DC AcroForm insertItemAt Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26423",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:13.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39843
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:38:10",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39843",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39843",
"datePublished": "2021-09-29T15:38:10.810718Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-17T01:51:52.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35985
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 16:12
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:42.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:06",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35985",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35985",
"datePublished": "2021-08-20T18:10:06.536155Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-16T16:12:43.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39840
Vulnerability from cvelistv5
Published
2021-09-29 15:37
Modified
2024-09-16 20:12
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "DC 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0-Classic 2021 July",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:37:54",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39840",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "DC 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "20.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "17.0-Classic 2021 July"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39840",
"datePublished": "2021-09-29T15:37:54.224782Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T20:12:05.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28265
Vulnerability from cvelistv5
Published
2022-05-11 17:56
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:56:23",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28265",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28265",
"datePublished": "2022-05-11T17:56:23.876551Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-16T16:38:29.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30306
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23106: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:43:23.250477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:28.619Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:43.601Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23106: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30306",
"datePublished": "2024-05-02T21:04:43.601Z",
"dateReserved": "2024-03-26T16:04:09.507Z",
"dateUpdated": "2024-08-02T01:32:07.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44358
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
ZDI-CAN-21971: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T15:56:36.116Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21971: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44358",
"datePublished": "2023-11-16T09:52:49.043Z",
"dateReserved": "2023-09-28T16:25:40.453Z",
"dateUpdated": "2024-08-02T20:07:32.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20733
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-04-24 15:14
Severity ?
EPSS score ?
Summary
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30539",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:58:53.265566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T15:14:51.762Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause the application to crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "NONE",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:18:40.707Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20733",
"datePublished": "2024-02-15T12:18:40.707Z",
"dateReserved": "2023-12-04T16:52:22.970Z",
"dateUpdated": "2025-04-24T15:14:51.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28837
Vulnerability from cvelistv5
Published
2022-05-11 17:59
Modified
2024-09-16 18:08
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:53.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:59:57",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability",
"x_ConverterErrors": {
"DATE_PUBLIC": {
"error": "v4 DATE_PUBLIC is invalid",
"message": "(\u0027Unknown string format:\u0027, \u0027NoneT23:00:00.000Z\u0027)"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "NoneT23:00:00.000Z",
"ID": "CVE-2022-28837",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28837",
"datePublished": "2022-05-11T17:59:57.468192Z",
"dateReserved": "2022-04-08T00:00:00",
"dateUpdated": "2024-09-16T18:08:20.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21038
Vulnerability from cvelistv5
Published
2021-02-11 19:42
Modified
2024-09-17 01:56
Severity ?
EPSS score ?
Summary
Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-09.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:01:12.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.013.20074",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2020.001.30018",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30188",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T19:42:21",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-02-09T23:00:00.000Z",
"ID": "CVE-2021-21038",
"STATE": "PUBLIC",
"TITLE": "Acrobat Reader DC Out-Of-Bounds Write Vulnerability Could Lead To Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.013.20074"
},
{
"version_affected": "\u003c=",
"version_value": "2020.001.30018"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30188"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "None",
"attackVector": "None",
"availabilityImpact": "None",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "None",
"userInteraction": "None",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-09.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-21038",
"datePublished": "2021-02-11T19:42:21.154321Z",
"dateReserved": "2020-12-18T00:00:00",
"dateUpdated": "2024-09-17T01:56:36.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39856
Vulnerability from cvelistv5
Published
2021-09-29 15:39
Modified
2024-09-16 19:56
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFile
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:39:35",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFile",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39856",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFile"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39856",
"datePublished": "2021-09-29T15:39:35.480555Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T19:56:39.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-21604
Vulnerability from cvelistv5
Published
2023-01-18 00:00
Modified
2025-03-05 19:33
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:44:01.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:44:51.787382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:33:33.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30418",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20282",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "22.003.20281",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-21604",
"datePublished": "2023-01-18T00:00:00.000Z",
"dateReserved": "2022-12-01T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:33:33.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38243
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-21252: Adobe Acrobat Reader DC JBIG2 File Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:34.606981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:05:17.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:23.685Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21252: Adobe Acrobat Reader DC JBIG2 File Parsing Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38243",
"datePublished": "2023-08-10T13:17:23.685Z",
"dateReserved": "2023-07-13T16:21:52.616Z",
"dateUpdated": "2025-02-27T21:05:17.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34222
Vulnerability from cvelistv5
Published
2022-07-15 15:34
Modified
2025-04-23 18:01
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC query Out-Of-Bounds Read Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-32.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:07:32.785760Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:01:18.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20142",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30334",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30229",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-15T15:34:11.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC query Out-Of-Bounds Read Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-07-12T23:00:00.000Z",
"ID": "CVE-2022-34222",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC query Out-Of-Bounds Read Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20142"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30334"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30229"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-34222",
"datePublished": "2022-07-15T15:34:11.327Z",
"dateReserved": "2022-06-21T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:01:18.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40731
Vulnerability from cvelistv5
Published
2021-10-15 14:22
Modified
2025-04-23 19:24
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-104.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:07.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:16:12.364307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:24:53.617Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20095",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "21.007.20096",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30015",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30202",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability when parsing a crafted JPEG2000 file, which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-15T14:22:22.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-10-12T23:00:00.000Z",
"ID": "CVE-2021-40731",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20095"
},
{
"version_affected": "\u003c=",
"version_value": "21.007.20096"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30015"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30202"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability when parsing a crafted JPEG2000 file, which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write (CWE-787)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40731",
"datePublished": "2021-10-15T14:22:22.034Z",
"dateReserved": "2021-09-08T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:24:53.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28550
Vulnerability from cvelistv5
Published
2021-09-02 16:07
Modified
2025-02-04 18:24
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader use after free vulnerability could lead to arbitrary code execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-28550",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:17:32.968582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-28550"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T18:24:24.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-28T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader use after free vulnerability could lead to arbitrary code execution"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28550",
"datePublished": "2021-09-02T16:07:20.687Z",
"dateReserved": "2021-03-16T00:00:00.000Z",
"dateUpdated": "2025-02-04T18:24:24.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38230
Vulnerability from cvelistv5
Published
2023-08-10 13:17
Modified
2025-02-27 21:04
Severity ?
EPSS score ?
Summary
ZDI-CAN-21318: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-30.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:14.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:50:31.959619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T21:04:52.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.003.20244",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-08-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-10T13:17:27.345Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-30.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21318: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-38230",
"datePublished": "2023-08-10T13:17:27.345Z",
"dateReserved": "2023-07-13T16:21:52.615Z",
"dateUpdated": "2025-02-27T21:04:52.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-44520
Vulnerability from cvelistv5
Published
2024-12-18 23:27
Modified
2024-12-20 17:41
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-44520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T16:59:41.854279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T17:41:59.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2022-04-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T23:27:47.809Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-44520",
"datePublished": "2024-12-18T23:27:47.809Z",
"dateReserved": "2022-10-31T16:22:11.211Z",
"dateUpdated": "2024-12-20T17:41:59.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35668
Vulnerability from cvelistv5
Published
2022-08-11 14:44
Modified
2025-04-23 17:52
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader Improper Input Validation Memory leak
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-39.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:05:27.811496Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:52:09.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20169",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30362",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30249",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T14:44:40.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader Improper Input Validation Memory leak",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-08-09T23:00:00.000Z",
"ID": "CVE-2022-35668",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader Improper Input Validation Memory leak"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20169"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.30362"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30249"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation (CWE-20)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-39.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-35668",
"datePublished": "2022-08-11T14:44:40.972Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:52:09.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44336
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-08-02 20:07
Severity ?
EPSS score ?
Summary
TALOS-2023-1794 - Adobe Acrobat Reader Thermometer use-after-free vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:32.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:46.907Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1794 - Adobe Acrobat Reader Thermometer use-after-free vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44336",
"datePublished": "2023-11-16T09:52:46.907Z",
"dateReserved": "2023-09-28T16:25:40.449Z",
"dateUpdated": "2024-08-02T20:07:32.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44741
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 17:59
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:12.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:13",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-44741",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC NULL Pointer Dereference could lead to Application-denial-of-service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "Low",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-44741",
"datePublished": "2022-01-14T19:05:13.480639Z",
"dateReserved": "2021-12-08T00:00:00",
"dateUpdated": "2024-09-16T17:59:06.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26417
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:05
Severity ?
EPSS score ?
Summary
ZDI-CAN-20583: Adobe Acrobat Reader DC Popup Use-After-Free Remote Code Execution Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:40.629228Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:05:59.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20583: Adobe Acrobat Reader DC Popup Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26417",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:05:59.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20749
Vulnerability from cvelistv5
Published
2024-02-15 12:18
Modified
2025-02-13 17:32
Severity ?
EPSS score ?
Summary
TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T19:45:05.392106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:29.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1910"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-15T12:20:21.237Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1910"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-20749",
"datePublished": "2024-02-15T12:18:36.759Z",
"dateReserved": "2023-12-04T16:52:22.975Z",
"dateUpdated": "2025-02-13T17:32:39.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35982
Vulnerability from cvelistv5
Published
2021-09-29 15:36
Modified
2024-09-16 19:30
Severity ?
EPSS score ?
Summary
Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "Uncontrolled Search Path Element (CWE-427)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-28T21:51:46",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-35982",
"STATE": "PUBLIC",
"TITLE": "Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Search Path Element (CWE-427)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35982",
"datePublished": "2021-09-29T15:36:38.931877Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-16T19:30:38.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28233
Vulnerability from cvelistv5
Published
2022-05-11 17:28
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "22.001.20085",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.3031x",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.012.30205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T17:28:57",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-04-12T23:00:00.000Z",
"ID": "CVE-2022-28233",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "22.001.20085"
},
{
"version_affected": "\u003c=",
"version_value": "20.005.3031x"
},
{
"version_affected": "\u003c=",
"version_value": "17.012.30205"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-16.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2022-28233",
"datePublished": "2022-05-11T17:28:57.938788Z",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-09-17T01:21:16.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41869
Vulnerability from cvelistv5
Published
2024-09-13 08:58
Modified
2024-09-13 13:43
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-70.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.21005",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30159",
"status": "affected",
"version": "24.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30159",
"status": "affected",
"version": "24.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30655",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*",
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.21005",
"status": "affected",
"version": "20.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "20.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T13:33:36.953019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T13:43:45.222Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.003.20054",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T08:58:58.898Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-70.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41869",
"datePublished": "2024-09-13T08:58:58.898Z",
"dateReserved": "2024-07-22T17:16:40.942Z",
"dateUpdated": "2024-09-13T13:43:45.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30304
Vulnerability from cvelistv5
Published
2024-05-02 21:04
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23040: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-07.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:24:22.982674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:38:57.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.008.20470",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-02-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T21:04:42.880Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23040: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30304",
"datePublished": "2024-05-02T21:04:42.880Z",
"dateReserved": "2024-03-26T16:04:09.507Z",
"dateUpdated": "2024-08-02T01:32:07.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-39846
Vulnerability from cvelistv5
Published
2021-09-29 15:38
Modified
2024-09-16 16:43
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader /Parent Property Recursive Stack Overflow
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:33.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30006",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30199",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20060",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow (CWE-121)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-29T15:38:41",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader /Parent Property Recursive Stack Overflow",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
"ID": "CVE-2021-39846",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader /Parent Property Recursive Stack Overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30006"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30199"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20060"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow (CWE-121)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-55.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-39846",
"datePublished": "2021-09-29T15:38:41.508610Z",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-09-16T16:43:42.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39423
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-15 03:55
Severity ?
EPSS score ?
Summary
ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39423",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T03:55:54.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:29.540Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-39423",
"datePublished": "2024-08-14T15:07:29.540Z",
"dateReserved": "2024-06-24T20:32:06.595Z",
"dateUpdated": "2024-08-15T03:55:54.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-35984
Vulnerability from cvelistv5
Published
2021-08-20 18:10
Modified
2024-09-16 17:18
Severity ?
EPSS score ?
Summary
Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-51.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:47:43.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.004.30005",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30197",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.005.20054",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An authenticated attacker could leverage this vulnerability achieve an application denial-of-service in the context of the current user. Exploitation of this issue does not requires user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference (CWE-476)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-20T18:10:10",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-07-13T23:00:00.000Z",
"ID": "CVE-2021-35984",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Pro DC PDFLibTool Null Pointer Dereference Bug"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.004.30005"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30197"
},
{
"version_affected": "\u003c=",
"version_value": "2021.005.20054"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Null pointer dereference vulnerability. An authenticated attacker could leverage this vulnerability achieve an application denial-of-service in the context of the current user. Exploitation of this issue does not requires user interaction."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference (CWE-476)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-51.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-35984",
"datePublished": "2021-08-20T18:10:10.113685Z",
"dateReserved": "2021-06-30T00:00:00",
"dateUpdated": "2024-09-16T17:18:20.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-30310
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
ZDI-CAN-23327: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30310",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:03:24.833301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:39:26.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write (CWE-787)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:06.290Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23327: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-30310",
"datePublished": "2024-05-15T10:00:06.290Z",
"dateReserved": "2024-03-26T16:04:09.507Z",
"dateUpdated": "2024-08-02T01:32:07.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-34096
Vulnerability from cvelistv5
Published
2024-05-15 10:00
Modified
2024-08-02 02:42
Severity ?
EPSS score ?
Summary
ZDI-CAN-23472: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-29.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:-:*:*:*:pro:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:-:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:2020:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:2020:*:*:*:classic:*:*:*"
],
"defaultStatus": "unknown",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30574",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34096",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T12:52:31.228166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:26.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20736",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-05-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T10:00:10.936Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-23472: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-34096",
"datePublished": "2024-05-15T10:00:10.936Z",
"dateReserved": "2024-04-30T19:50:50.898Z",
"dateUpdated": "2024-08-02T02:42:59.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-49530
Vulnerability from cvelistv5
Published
2024-12-10 19:54
Modified
2025-01-16 17:34
Severity ?
EPSS score ?
Summary
Acrobat Reader | Use After Free (CWE-416)
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-92.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-17T04:55:19.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30710",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T17:34:53.959Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-92.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Acrobat Reader | Use After Free (CWE-416)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-49530",
"datePublished": "2024-12-10T19:54:07.437Z",
"dateReserved": "2024-10-15T15:35:47.030Z",
"dateUpdated": "2025-01-16T17:34:53.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45064
Vulnerability from cvelistv5
Published
2022-01-14 19:05
Modified
2024-09-16 22:31
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb22-01.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20099",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30017",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30204",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free (CWE-416)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-14T19:05:23",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2022-01-11T23:00:00.000Z",
"ID": "CVE-2021-45064",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20099"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30017"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30204"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free (CWE-416)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-01.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-45064",
"datePublished": "2022-01-14T19:05:23.583002Z",
"dateReserved": "2021-12-14T00:00:00",
"dateUpdated": "2024-09-16T22:31:00.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28565
Vulnerability from cvelistv5
Published
2021-09-02 16:08
Modified
2024-09-17 02:27
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader out-of-bounds read could lead to information exposure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-29.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2020.001.30020",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2021.001.20150",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "2017.011.30194",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-02T16:08:18",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader out-of-bounds read could lead to information exposure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-05-11T23:00:00.000Z",
"ID": "CVE-2021-28565",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader out-of-bounds read could lead to information exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020.001.30020"
},
{
"version_affected": "\u003c=",
"version_value": "2021.001.20150"
},
{
"version_affected": "\u003c=",
"version_value": "2017.011.30194"
},
{
"version_affected": "\u003c=",
"version_value": "None"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-29.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-28565",
"datePublished": "2021-09-02T16:08:18.813398Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-17T02:27:57.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40729
Vulnerability from cvelistv5
Published
2021-10-15 14:21
Modified
2025-04-23 19:25
Severity ?
EPSS score ?
Summary
Adobe Acrobat Reader DC PDF Out-of-Bound Read Vulnerability Information Disclosure
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb21-104.html | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:51:07.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:10:28.806301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:25:12.137Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.007.20095",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "21.007.20096",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.004.30015",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.011.30202",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-15T14:21:49.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Acrobat Reader DC PDF Out-of-Bound Read Vulnerability Information Disclosure",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2021-10-12T23:00:00.000Z",
"ID": "CVE-2021-40729",
"STATE": "PUBLIC",
"TITLE": "Adobe Acrobat Reader DC PDF Out-of-Bound Read Vulnerability Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "21.007.20095"
},
{
"version_affected": "\u003c=",
"version_value": "21.007.20096"
},
{
"version_affected": "\u003c=",
"version_value": "20.004.30015"
},
{
"version_affected": "\u003c=",
"version_value": "17.011.30202"
}
]
}
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read (CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb21-104.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2021-40729",
"datePublished": "2021-10-15T14:21:49.516Z",
"dateReserved": "2021-09-08T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:25:12.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41833
Vulnerability from cvelistv5
Published
2024-08-14 15:07
Modified
2024-08-14 15:57
Severity ?
EPSS score ?
Summary
ZDI-CAN-24310: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb24-57.html | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "20.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30636",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "20.005.30635",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20964",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:*"
],
"defaultStatus": "affected",
"product": "acrobat_reader_dc",
"vendor": "adobe",
"versions": [
{
"lessThanOrEqual": "24.002.20991",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T15:54:11.549497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:57:17.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "24.001.30123",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-08-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T15:07:22.880Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-24310: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41833",
"datePublished": "2024-08-14T15:07:22.880Z",
"dateReserved": "2024-07-22T17:16:40.933Z",
"dateUpdated": "2024-08-14T15:57:17.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-26405
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2025-03-05 19:06
Severity ?
EPSS score ?
Summary
ZDI-CAN-20712: Object Prototype pollution which leads to API Restrictions Bypass
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:39:56.481675Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T19:06:25.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.001.20093",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.005.30441",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-04-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-24.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-20712: Object Prototype pollution which leads to API Restrictions Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-26405",
"datePublished": "2023-04-12T00:00:00.000Z",
"dateReserved": "2023-02-22T00:00:00.000Z",
"dateUpdated": "2025-03-05T19:06:25.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44365
Vulnerability from cvelistv5
Published
2023-11-16 09:52
Modified
2024-12-18 18:12
Severity ?
EPSS score ?
Summary
ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe | Acrobat Reader |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:33.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44365",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T18:11:54.307695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T18:12:08.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Acrobat Reader",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.006.20360",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "NOT_DEFINED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Access of Uninitialized Pointer (CWE-824)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-16T09:52:46.150Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2023-44365",
"datePublished": "2023-11-16T09:52:46.150Z",
"dateReserved": "2023-09-28T16:25:40.454Z",
"dateUpdated": "2024-12-18T18:12:08.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}